I have a tunnel interface tunl0 with a few IP addresses. On the same host, there is a container.

The container has an interface eth0 and many IP addresses in it. Each IP in the eth0 interface of the container listens for different applications.

So when a certain IP in the tunl0 receives a packet, it should be sent to a certain IP of the container.

Example: host -

```
tunl0@NONE: <NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ipip 0.0.0.0 brd 0.0.0.0
    inet 1.1.1.1/32 scope link tunl0
       valid_lft forever preferred_lft forever
    inet 1.1.1.2/32 scope link tunl0
       valid_lft forever preferred_lft forever
```

container -

```
eth0@if114: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 172.17.0.4/32 scope global eth0
       valid_lft forever preferred_lft forever
```

When a packet comes to 1.1.1.1 of tunl, it should be routed to the 172.17.0.4.

I tried the iptables rule below, but it didn't work.

```
iptables -t nat -A PREROUTING -d 1.1.1.1 -p tcp --dport 80 -j DNAT --to-destination 172.17.0.4:80
```

I have tried other rules too, but they don't make sense to be posted here.

Any kind of help or direction would be really appreciated!

Thanks

Vignesh SP
  • @A.B I've cleared all nat rules with `iptables -t nat -F` and added my rule. – Vignesh SP Apr 29 '20 at 13:09
  • OK, I am checking all the points that you have mentioned above. – Vignesh SP Apr 29 '20 at 13:23
  • I tried to curl the container normally and it worked. If I specify the source interface with curl, like `curl --interface tunl container-ip/endpoint`, it gives the same issue. Maybe something to do with the interface? – Vignesh SP Apr 29 '20 at 13:44

0 Answers