
For this to make sense I need to set the scene a bit.

I have a dedicated server with 5 public IPs: A.B.C.1 to A.B.C.5

A.B.C.1 manages the dedicated server itself, and A.B.C.2 - 5 are used for OpenVZ containers. I want each public IP to be linked to multiple containers. For instance, A.B.C.2 should forward traffic on port 80 to the container at 192.168.2.1 and traffic on port 21 to the container at 192.168.2.2.

Using IPTables to NAT the traffic works if only one external IP is in use; however, if I try to add multiple public IPs to route, I lose all network connection to all containers: they cannot ping and cannot receive incoming traffic. However, access to the host node remains.

The output of iptables -t nat -L on the host node is below:

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       udp  --  anywhere             A.B.C.2             udp dpt:9987 to:192.168.2.1:9987
DNAT       tcp  --  anywhere             A.B.C.2             tcp dpt:10011 to:192.168.2.2:10011
DNAT       tcp  --  anywhere             A.B.C.2             tcp dpt:30033 to:192.168.2.2:30033
DNAT       tcp  --  anywhere             A.B.C.3             tcp dpt:80 to:192.168.3.1:80
DNAT       tcp  --  anywhere             A.B.C.4             tcp dpt:25565 to:192.168.4.1:25565

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
SNAT       all  --  192.168.2.0/24        anywhere            to:A.B.C.2
SNAT       all  --  192.168.3.0/24        anywhere            to:A.B.C.3
SNAT       all  --  192.168.4.0/24        anywhere            to:A.B.C.4

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

The host node has one physical NIC - eth0, which has an IP of A.B.C.1

The host is running CentOS 6.3, and each of the VMs is running Debian 7.

My OpenVZ kernel version is 2.6.32-042stab108.2

1 Answer

  1. Check that all public IPs are set on the external interface of your physical host, with the correct netmask

  2. Check that all the VMs have as default gateway the IP address of the bridge they're connected to (check that the bridges correctly have IPs)

  3. Check that ip_forwarding is enabled

  4. Use SNAT to mask the VMs behind the correct public IPs

  5. Use DNAT to forward incoming traffic to the correct VMs
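
The host-side steps of the checklist above, as a dry-run script that only prints the commands it would run. This is an added example, not part of the original answer. Assumptions: 203.0.113.0/24 stands in for A.B.C.0/24, the `/24` prefix length is a placeholder for the netmask your provider assigned, and `eth0` is the external NIC as stated in the question.

```shell
#!/bin/sh
# Added example: prints (does not execute) the host-side commands.
# Step 2 of the checklist (default gateway) is set inside each container
# and is not covered here.
EXT_IF=eth0   # external NIC, from the question
PREFIX=24     # assumption: replace with your provider's netmask

# Constructed mapping, one forward per line: public_ip proto port container_ip
# (ports and container IPs mirror the question's NAT table)
FORWARDS='203.0.113.2 udp 9987 192.168.2.1
203.0.113.2 tcp 10011 192.168.2.2
203.0.113.2 tcp 30033 192.168.2.2
203.0.113.3 tcp 80 192.168.3.1
203.0.113.4 tcp 25565 192.168.4.1'

gen_rules() {
    # Step 3: enable IPv4 forwarding on the host
    echo "sysctl -w net.ipv4.ip_forward=1"

    # Step 1: bind every public IP to the external interface, once each
    echo "$FORWARDS" | awk '{print $1}' | sort -u | while read -r pub; do
        echo "ip addr add $pub/$PREFIX dev $EXT_IF"
    done

    # Step 4: one SNAT rule per container /24, limited to traffic leaving
    # EXT_IF so container-to-container traffic is not rewritten
    echo "$FORWARDS" |
    awk '{split($4, o, "."); print $1, o[1] "." o[2] "." o[3] ".0/24"}' |
    sort -u | while read -r pub net; do
        echo "iptables -t nat -A POSTROUTING -s $net -o $EXT_IF -j SNAT --to-source $pub"
    done

    # Step 5: DNAT only packets arriving on EXT_IF for that exact public IP
    echo "$FORWARDS" | while read -r pub proto port ct; do
        echo "iptables -t nat -A PREROUTING -i $EXT_IF -d $pub -p $proto --dport $port -j DNAT --to-destination $ct:$port"
    done
}

gen_rules
```

Review the printed commands before running them as root; matching on `-i`/`-o` and the exact `-d` address keeps each rule scoped to the one public IP and port it is meant to expose.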
