SYMPTOMS
The NAT module does not work in a container; iptables fails with a "can't initialize iptables table 'nat'" error:
# iptables -t nat -L -n
iptables v1.2.11: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
The following iptables module settings are configured on the hardware node:
# cat /proc/net/ip_tables_targets
LOG
TOS
TCPMSS
REJECT
ERROR
# grep con /etc/modprobe.conf
options ip_conntrack ip_conntrack_disable_ve0=1
RESOLUTION
In order to enable NAT, perform the following actions on the hardware node:
- stop the Virtuozzo service and all containers:
# service vz stop
- reconfigure the iptables module "ip_conntrack":
# sed -i '/ip_conntrack/ d' /etc/modprobe.conf
# echo "options ip_conntrack ip_conntrack_disable_ve0=0" >> /etc/modprobe.conf
- restart the iptables service:
# service iptables restart
- start the Virtuozzo service and all CTs:
# service vz start
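The sed command in the steps above deletes every line that contains "ip_conntrack", which also removes options set for related modules such as ip_conntrack_ftp. The script below is an added example, not part of the original KB article: it changes only the ip_conntrack_disable_ve0 value and keeps a backup. The function names, the temporary file and the sample modprobe.conf content are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the KB article). Sample content is constructed.

# Print "disabled", "enabled" or "unset" for ip_conntrack_disable_ve0 in file $1.
conntrack_ve0_state() {
    val=$(sed -n 's/^[[:space:]]*options[[:space:]][[:space:]]*ip_conntrack[[:space:]].*ip_conntrack_disable_ve0=\([01]\).*/\1/p' "$1" | tail -n 1)
    case "$val" in
        1) echo disabled ;;
        0) echo enabled ;;
        *) echo unset ;;
    esac
}

# Set ip_conntrack_disable_ve0=0 in file $1, keeping a backup in $1.bak.
# Only the "options ip_conntrack ..." line is touched; lines for other
# modules such as ip_conntrack_ftp are left alone.
enable_conntrack_ve0() {
    cp -p "$1" "$1.bak" || return 1
    if [ "$(conntrack_ve0_state "$1")" = unset ]; then
        echo "options ip_conntrack ip_conntrack_disable_ve0=0" >> "$1"
    else
        sed '/^[[:space:]]*options[[:space:]][[:space:]]*ip_conntrack[[:space:]]/ s/ip_conntrack_disable_ve0=[01]/ip_conntrack_disable_ve0=0/g' "$1.bak" > "$1"
    fi
}

# Demo on a constructed copy, not the real /etc/modprobe.conf.
demo=$(mktemp)
cat > "$demo" <<'EOF'
alias eth0 e1000
options ip_conntrack_ftp ports=21,2121
options ip_conntrack hashsize=8192 ip_conntrack_disable_ve0=1
EOF
echo "before: $(conntrack_ve0_state "$demo")"
enable_conntrack_ve0 "$demo"
echo "after:  $(conntrack_ve0_state "$demo")"
cat "$demo"
rm -f "$demo" "$demo.bak"
```

On the hardware node, the same functions would be called with /etc/modprobe.conf between the "service vz stop" and "service iptables restart" steps.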
--- http://kb.parallels.com/en/5228
Iptables NAT module does not work in container
Posted by adminix Labels: Knowledgebase, Linux, Virtuozzo