On Sat, 01 Aug 2015 10:23:56 +0200 azteca <azteca@xxxxxxxxx> wrote:

> Good day, Ladies and Gentlemen!
>
> If I might politely ask you, to assist an utter noob to the subject of
> iptables with the following issue:
>
> Currently, I am in the process of setting up a KVM host with several
> virtual machines, each of them has an own public IP.
> That means, that four different IP-addresses are being routed to the
> host's eth0.
>
> What I am trying to achieve, is to let the host have one IP, under which
> it is reachable, and to forward each of the remaining three addresses,
> each with an own DNS record, to one of three according KVM guests via NAT.
>
> What I have accomplished so far, is the following:
> .) The KVM host is reachable per ssh through an enabled net-filter,
> whose INPUT and FORWARD policy are otherwise set to DROP. That the
> net-filter does work properly, is verifiable through /var/log/messages.
> .) The KVM host is able to connect to a DNS Server properly.
> .) The KVM host can send mails via nullmailer.
> .) Also could I set up a KVM guest with Debian 8.1 Linux per
> net-install, meaning, the installation inside the virtual machine was
> able to reach the source mirrors from a minimal start-up CD-image, and
> to download the missing installation packets from there.
>
> What I am failing with, is, to connect to the single first setup KVM
> guest in which ever way.

You may have overlooked:

    echo 1 > /proc/sys/net/ipv4/ip_forward

Without that, your system won't route packets.
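
An added example, not part of the original thread: a shell check for the ip_forward flag named in the reply, which also goes one step further and tests whether a FORWARD policy of DROP (as in the question) leaves any DNAT target without an ACCEPT rule. The function names, the rule set and all addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Addresses are constructed:
# 203.0.113.x = public IPs, 192.168.122.x = guests behind NAT.

sample_ruleset() {   # constructed iptables-save output for the described setup
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -d 203.0.113.11/32 -j DNAT --to-destination 192.168.122.11
-A PREROUTING -d 203.0.113.12/32 -j DNAT --to-destination 192.168.122.12
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -d 192.168.122.11/32 -m conntrack --ctstate NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# check_forwarding FLAG_FILE RULESET_FILE
# Prints one line per finding; the return status is the number of findings.
check_forwarding() {
    flag_file=$1 ruleset=$2 problems=0
    # 1. Without ip_forward=1 the kernel does not route between eth0 and the guests.
    if [ "$(cat "$flag_file" 2>/dev/null)" != "1" ]; then
        echo "ip_forward is not 1: packets are not routed to the guests"
        problems=$((problems + 1))
    fi
    # 2. With policy DROP on FORWARD, each DNAT target needs an ACCEPT rule.
    #    Heuristic: only rules that name the guest with -d are recognised.
    if grep -q '^:FORWARD DROP' "$ruleset"; then
        for guest in $(sed -n 's/^-A PREROUTING .*-j DNAT --to-destination \([0-9.]*\).*/\1/p' "$ruleset" | sort -u); do
            guest_re=$(printf '%s' "$guest" | sed 's/\./\\./g')
            if ! grep -Eq -- "^-A FORWARD .*-d $guest_re(/32)? .*-j ACCEPT" "$ruleset"; then
                echo "FORWARD drops traffic to DNAT target $guest (no ACCEPT rule)"
                problems=$((problems + 1))
            fi
        done
    fi
    return "$problems"
}

demo() {   # offline run on the constructed data, with forwarding disabled
    tmp=$(mktemp -d) && echo 0 > "$tmp/ip_forward" && sample_ruleset > "$tmp/rules"
    rc=0; check_forwarding "$tmp/ip_forward" "$tmp/rules" || rc=$?
    rm -rf "$tmp"; echo "findings: $rc"
}
demo
```

On a real host, pass /proc/sys/net/ipv4/ip_forward and a file written by iptables-save as the two arguments to check_forwarding.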