-1

I'm looking into starting my own hosting company, even if I'm only paid in experience.

At first, I thought I'd create shell scripts to automate the creation of OpenVZ containers. But then I realized I'd also need custom iptables rules set for each container, and play with DNAT/SNAT to give each container access to the outside world.

However, that would mean each container would have to operate and run services over unconventional port numbers. How is it that a hosting provider can have a single public IP address for a multitude of containers, and all of them can access a service--like ssh for example--over port 22?

More so, the iptables rules would have to be created statically. What if someone logged in and wanted to run their own service? How would they typically account for that?

I can only assume I'm missing something crucial to understanding the big picture.

Andrew Schulman
  • Don't take it the wrong way, but while it can be somehow fun for you at the start, you will definitely only be paid in **bad** experience if you start asking yourself that kind of question about practices that your potential customers likely know much better than you do. Also, I'm not sure you realize the range of knowledge you will need to get the job done in a professional way, and the number of aspects that *hosting* companies deal with. Better to find a job as a beginner in a hosting company, and once you have the experience and an innovative concept, then you can start something. – Xavier Lucas Mar 27 '15 at 22:34
  • Still seems like a good question though. – Andrew Schulman Mar 28 '15 at 10:59

1 Answer

1

Rather than using NAT, the container gets assigned a virtual ethernet device with its own MAC address, which can then act as an independent host on the network, with its own routable IP address.

The physical host offers a virtual network bridge, which transparently forwards packages to and from the physical network it is connected to and the container(s), without any specific knowledge of ports, protocols etc.

HBruijn
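
The setup the answer describes, written out with iproute2 as an added example that is not part of the original answer: Linux network namespaces stand in for containers, and the bridge name, NIC name, container names and 203.0.113.0/24 addresses are assumptions. It prints the commands by default and executes them only when run as root with `APPLY=1`.

```shell
#!/bin/sh
# Added example (not from the original answer). Network namespaces stand in
# for containers; all names and the 203.0.113.0/24 addresses are constructed.
# Dry run by default: commands are printed. APPLY=1 as root executes them.
# Enslaving the uplink moves the host's connectivity to the bridge, so do not
# apply this over a remote session on that NIC.

BRIDGE=br0        # assumed bridge name
UPLINK=eth0       # assumed physical NIC facing the provider network

run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# Create the bridge once and attach the physical NIC to it.
# The host's own IP address then has to live on $BRIDGE, not on $UPLINK.
setup_bridge() {
    run ip link add name "$BRIDGE" type bridge
    run ip link set "$UPLINK" master "$BRIDGE"
    run ip link set "$BRIDGE" up
}

# attach_container NAME ADDR/PREFIX GATEWAY
# One veth pair per container: the host end joins the bridge, the peer end
# becomes eth0 inside the container and carries its own routable address.
attach_container() {
    ct_name=$1; ct_addr=$2; ct_gw=$3
    host_if="veth-$ct_name"
    run ip netns add "$ct_name"
    run ip link add "$host_if" type veth peer name eth0 netns "$ct_name"
    run ip link set "$host_if" master "$BRIDGE"
    run ip link set "$host_if" up
    run ip -n "$ct_name" addr add "$ct_addr" dev eth0
    run ip -n "$ct_name" link set eth0 up
    run ip -n "$ct_name" route add default via "$ct_gw"
}

# Two containers, each reachable on its own address, so both can listen on
# port 22 without any per-port DNAT/SNAT rules on the host.
build_plan() {
    setup_bridge
    attach_container ct101 203.0.113.11/24 203.0.113.1
    attach_container ct102 203.0.113.12/24 203.0.113.1
}

build_plan
```

Nothing in the plan mentions a port or protocol: the bridge forwards frames by MAC address, so a service a user starts later inside a container needs no change on the host.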