0

I've set up two containers with lxd, one with haproxy, pointing to the other with nginx.

I want my server's incoming traffic on port 80 to go to the container with haproxy. This is the rule I've given iptables, but I still cannot access my server from the local network on my laptop (giving the browser the server's local ip).

-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.148.218.95:80

I also tried

$ curl http://127.0.0.1:80 curl: (7) Failed to connect to 127.0.0.1 port 80: Connection refused

and

$ curl http://192.168.100.5:80 curl: (7) Failed to connect to 192.168.100.5 port 80: Connection refused

on the server itself.

Can someone enlighten me?

Improve this question

1 Answer 1

Reset to default
0

I figured it out (though I am not sure why yet):

-A PREROUTING  -d 192.168.100.5/32 -j DNAT --to-destination 10.148.218.95
-A OUTPUT      -d 192.168.100.5/32 -j DNAT --to-destination 10.148.218.95
-A POSTROUTING -s 10.148.218.95/24 -d 10.0.4.30/32 -j MASQUERADE
Improve this answer
2
  • because trying from your host does not count as routing. so there's no prerouting, it's output
    – A.B
    Commented May 12, 2018 at 23:51
  • I see. Good point!
    – user3459805
    Commented May 14, 2018 at 21:19

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .