I have one VM set up as a ClearOS gateway. I am wanting to have a DMZ on my router which forwards all public traffic to ClearOS and then be able to program ClearOS to forward the traffic to the relevant VMs.
Can’t seem to find any tutorials on this. It would be a virtual network with ClearOS as the gateway. Any help would be greatly appreciated!
| Hardware router | ---- | OpenNebula’s Node | -////- | ClearOS VM | – | Other VMs | -////-
If so, what’s the OS on the OpenNebula node? I’ve done similar things in the past using forwarding rules with iptables: my hardware router was configured to forward all traffic to the node, and then the forwarding rules sent the traffic to one virtual machine. You’ll have to enable IPv4 forwarding if that’s not already enabled… but before continuing I’d like to be sure that this is the scenario you’re trying to configure and that this is the right forum to discuss this issue… as you stated, this is more of a general networking question. Maybe we can discuss this privately and then share our final thoughts in the forum for a possible use case / scenario for OpenNebula deployments.
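The iptables approach described in the reply above, as an added example that is not part of the original thread: a POSIX shell dry-run generator that validates port-to-VM mappings and prints the `sysctl` and `iptables` commands for the node. The interface name `eth0`, the `192.168.100.x` VM addresses and the `proto:public_port:vm_ip:vm_port` mapping format are assumptions made for illustration.

```sh
#!/bin/sh
# Dry run: prints the commands for review instead of executing them.
# Mapping format (constructed for this example): proto:public_port:vm_ip:vm_port

valid_port() {  # accept only 1..65535
    case $1 in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ip() {    # accept only dotted-quad IPv4
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

split_mapping() {  # sets proto, dport, ip, tport from one mapping string
    IFS=: read -r proto dport ip tport <<EOF
$1
EOF
}

dmz_rules() {   # usage: dmz_rules WAN_IF MAPPING...
    wan=$1; shift
    case $wan in ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $wan" >&2; return 1 ;; esac
    # Validate everything first so a typo never produces a partial rule set.
    for m in "$@"; do
        split_mapping "$m"
        case $proto in tcp|udp) ;; *) echo "bad protocol: $m" >&2; return 1 ;; esac
        valid_port "$dport" && valid_port "$tport" && valid_ip "$ip" ||
            { echo "bad mapping: $m" >&2; return 1; }
    done
    echo "sysctl -w net.ipv4.ip_forward=1"
    # -I puts the accept rules ahead of any existing REJECT/DROP in FORWARD.
    echo "iptables -I FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for m in "$@"; do
        split_mapping "$m"
        echo "iptables -t nat -A PREROUTING -i $wan -p $proto --dport $dport -j DNAT --to-destination $ip:$tport"
        echo "iptables -I FORWARD -i $wan -p $proto -d $ip --dport $tport -m conntrack --ctstate NEW -j ACCEPT"
    done
}

# Constructed sample: web traffic to one VM, SSH on a high port to another.
dmz_rules eth0 tcp:80:192.168.100.10:80 tcp:2222:192.168.100.11:22
```

Review the output, then run it as root on the node; rules added this way do not persist across reboots. DNAT matches on protocol and port only, so it cannot by itself send two hostnames that share a port to different VMs.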
Thank you for your reply, and yes, that’s exactly what I am wanting to do. I am using CentOS 7 for the node.
I am not all that savvy with networking. The problem I am facing is getting ClearOS to be the “router” / gateway for the virtual network created in OpenNebula.
Maybe I am going about this all wrong. All I am really trying to do is, e.g., make www.mydomain.com go to one VM and www.mydomain2.com go to another, and so on. Maybe I don’t need ClearOS? What do most people do to get this sort of DNS functionality with OpenNebula? I feel like it needs to be part of Sunstone as a fundamental implementation.
We agree, and we are already working on a Virtual Router appliance that will be fully integrated in Sunstone.
Development is done in ticket #4215.
Right now the code is still in a very early stage, but OpenNebula 5.0 will allow you to deploy virtual routers and configure a few networking services like NAT, DHCP, etc.