[Lxc-users] Destination Host Unreachable from LXC guest
Luis M. Ibarra
michael.ibarra at gmail.com
Tue Jul 9 21:35:58 UTC 2013
HI everybody,
I didn't solve the problem, but I use the same configuration in a real
computer an it worked. Definitely it was a problem with Virtualbox and the
way it routes the packets internally. My objective was only install and
test a linux container... so far so good.
Thanks for the advices and your time.
2013/7/8 Walter <walter.stanish+lxc-users at gmail.com>
> Assuming you have IP forwarding enabled on the LXC host's kernel
> (sysctl -w net.ipv4.ip_forward=1) as reported...
>
> Check you have allowed forwarding of packets to/from that interface
> with 'iptables-save' (dump current rules).
>
> If not, try adding some rules like:
> # at filter table, allow input (receiving packets) from vboxnet0 interface
> iptables -t filter -A INPUT -i vboxnet0 -j ACCEPT
> # at filter table, allow output (sending packets) to vboxnet0 interface
> iptables -t filter -A OUTPUT -o vboxnet0 -j ACCEPT
> iptables -t filter -A FORWARD -i vboxnet0 -j ACCEPT
>
> If you want to then add NAT access for the LXC guest to the internet,
> something quick might look like:
> iptables -t nat -A POSTROUTING -o boxnet0 -j MASQUERADE
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>
> Also double-check in the LXC guest that you have no firewall rules
> active or that they default to ACCEPT (again, use 'iptables-save').
> Finally, if you want the guest to route beyond the host, check that
> the LXC guest has a default route configured.
>
> For additional debugging, I'd recommend using tcpdump and ping within
> the host and the guest.
>
> - Walter
>
--
Luis M. Ibarra
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20130709/12482e1f/attachment.html>
More information about the lxc-users
mailing list