[CentOS-virt] routing problem with domU bridged to two networks
peter.peltonen at gmail.com
Fri Mar 16 12:23:53 EDT 2012
On Wed, Mar 7, 2012 at 10:13 PM, Ed Heron <Ed at heron-ent.com> wrote:
>> My goal:
>> To access NFS shares on a (non-virtualized) file server in the LAN
>> network from the domU web server in the DMZ network.
>> My problem:
>> If my domU web server is connected to both LAN and DMZ using the two
>> bridges xenbr0 and xenbr1, I can access the NFS share from the domU
>> web server and everything else works as expected, except for one thing
>> -- my workstations in the LAN cannot anymore access the web server:
>> web pages do not open anymore and from the workstations I cannot ping
>> the domU. If the web server domU is only connected to DMZ via xenbr0,
>> the workstations can access it ok.
>> Any advice what I am doing wrong and I could fix my setup?
> The postrouting command uses -o eth2. To NAT LAN requests to your DMZ
> web server, shouldn't you be using xenbr0?
Thanks Ed for your advice, that was the thing I was missing. After
adding a postrouting command for xenbr0 everything works as expected.
More information about the CentOS-virt