hello I''m using the 2.6 series 5 vservers on eth1 running on debian unstable and I wanted two of them to be used as "proxies". One of the proxies has 3 interfaces (well 4 if you count the ath0 interface whose traffic I''d like to pass through the "vproxy"); one facing the hosts''/out interface, one facing the "dmz" where two vservers reside and one facing the second "vproxy" which masks the LAN and its "vserver/file-server" which will provide services for the LAN. Iptables cannot be run inside the vservers so it''s the hosts shorewall config which will take care traffic control. Before I go into greater details I wanted to know if anyone had any experience with this kind of configuration? So if anyone has any familiarity with that kind of setup let me know and I''ll give greater details. Badiane ____________________________________________________ Yahoo! Sports Rekindle the Rivalries. Sign up for Fantasy Football http://football.fantasysports.yahoo.com
Badiane Ka wrote:> ... > Iptables cannot be run inside the vservers so it''s the > hosts shorewall config which will take care traffic > control. > > Before I go into greater details I wanted to know if > anyone had any experience with this kind of > configuration? > > So if anyone has any familiarity with that kind of > setup let me know and I''ll give greater details.Search the list archives - there was a question about it earlier this month, although if i remember correctly the resolution was that they didn''t end up using shorewall. -- Paul Gear, Manager IT Operations, Redlands College 38 Anson Road, Wellington Point 4160, Australia (Please send attachments in portable formats such as PDF, HTML, or OpenOffice.) -- The information contained in this message is copyright by Redlands College. Any use for direct sales or marketing purposes is expressly forbidden. This message does not represent the views of Redlands College.