Hi,
On Wed, Mar 7, 2012 at 10:13 PM, Ed Heron Ed@heron-ent.com wrote:
My goal:
To access NFS shares on a (non-virtualized) file server in the LAN network from the domU web server in the DMZ network.
<snip>
My problem:
If my domU web server is connected to both LAN and DMZ using the two bridges xenbr0 and xenbr1, I can access the NFS share from the domU web server and everything else works as expected, except for one thing -- my workstations in the LAN cannot anymore access the web server: web pages do not open anymore and from the workstations I cannot ping the domU. If the web server domU is only connected to DMZ via xenbr0, the workstations can access it ok.
Any advice what I am doing wrong and I could fix my setup?
The postrouting command uses -o eth2. To NAT LAN requests to your DMZ web server, shouldn't you be using xenbr0?
Thanks Ed for your advice, that was the thing I was missing. After adding a postrouting command for xenbr0 everything works as expected.
Cheers, Peter