New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
problem to set up vpn in my openvz vps.
guyusoftware
Member
[root@test ~]# /sbin/iptables --table nat -A POSTROUTING -o venet0 -j MASQUERADE
iptables: Unknown error 4294967295
Solve!
[root@test ~]# modprobe iptable_nat
WARNING: /etc/modprobe.conf line 1: ignoring bad line starting with 'options'
FATAL: Could not load /lib/modules/2.6.32-042stab065.3/modules.dep: No such file or directory
I have root of that dedicated server.
How to solve it?
P/s: CentOS 6 x64+Solusvm+OpenVZ
Comments
OpenVZ doesn't allow clients to load modules; containers inherit modules from the host node.
Ask your host to insert any modules needed.
Is it a dedi or a VPS?
Who is your vps through?
@Damian @Ishaq @24khost This dedi is belong to me and I want to set up vpn in my vps on it. I had already inserted the modules for vps by command below.
vzctl set xxx --iptables ip_tables --iptables ip_conntrack --iptables iptable_nat --iptables iptable_filter --iptables ipt_length --iptables ipt_limit --iptables iptable_mangle --iptables ipt_REJECT --save
That command doesn't insert the modules, instead it allows the container to use the modules. It's also somewhat deprecated; since a few years ago, what modules the containers can used is controlled on a global basis by the host node.
modprobe them on the host node like:
modprobe ip_conntrack
modprobe iptable_nat
etc
Then verify that they're loaded with:
lsmod | grep ip
@Damian Is it loaded already?
ipt_REDIRECT 1888 0
iptable_mangle 3493 0
ip6t_REJECT 4743 0
xt_multiport 2716 0
ipt_LOG 6405 0
ipt_REJECT 2399 1
iptable_filter 2937 5
iptable_nat 6302 2
nf_nat 23213 3 ipt_REDIRECT,nf_nat_ftp,iptable_nat
nf_conntrack_ipv4 9946 17 iptable_nat,nf_nat
nf_conntrack 80666 6 nf_nat_ftp,nf_conntrack_ftp,xt_state,iptable_nat,nf_nat,nf_conntrack_ipv4
nf_defrag_ipv4 1531 1 nf_conntrack_ipv4
ip_tables 18151 3 iptable_mangle,iptable_filter,iptable_nat
ip6table_filter 3033 1
ip6table_mangle 3669 0
ip6_tables 19714 2 ip6table_filter,ip6table_mangle
ipv6 327971 456 ip6t_REJECT,ip6table_mangle
Appears so; I see them in the list.
@Damian The modules is loaded but the vps also occur that problem. Quite make me confused.
Do:
cat /proc/net/ip_tables_targets
inside the VPS itself and post the output
@Damian Any problem?
[root@test ~]# cat /proc/net/ip_tables_targets
REDIRECT
MASQUERADE
TCPMSS
LOG
TOS
TOS
DSCP
REJECT
DNAT
SNAT
ERROR
Oh, your modules list didn't list masquerade. Do these on the host node:
modprobe ipt_MASQUERADE
modprobe nf_nat
And reboot the VPS, then see if it works now.
@Damian Also cannot so sad ;(
pptp vpn meet 619 and 809 error too.
[root@test ~]# modprobe ip_tables
WARNING: /etc/modprobe.conf line 1: ignoring bad line starting with 'options'
FATAL: Could not load /lib/modules/2.6.32-042stab065.3/modules.dep: No such file or directory
Where's this being done at? I see ip_tables in: http://www.lowendtalk.com/discussion/comment/177735#Comment_177735
@Damian my dedi . When I run this command in vps, no any information print out.
It won't, it's Linux. No information = nothing to tell you, because the command succeeded.
What's the contents of /etc/modprobe.conf?
Try
iptables -t nat -A POSTROUTING -j SNAT --to-source URVPSIP
@Damain options ip_pkt_list_tot=100
@Cirium same cry ;(
Always remember. OpenVZ sucks.
As above, use SNAT and not MASQUERADE in ovz.
@arieonline @MartinD also cannot....619 error and 809 error.
What are these "619 error" and "809 error"
Why is this here?
@Damian
When I connect to vpn, it sometimes occurs 809 error and sometimes 619 error.
I also dunno, a centos 5 x86 template from openvz.org.
When I put "809 error" or "619 error" into Google, I get many responses on potential fixes. Which ones have you tried so far?
@Damian I had already tried for many method but nothing help for me so I post on LET. Is that this issue always occur for RHEL6-based OpenVZ kernel?
No, we're a RHEL6-based shop and haven't seen this persistent of an issue.
So sad. Solusvm also but still has a lot of problem. Make me crazy now. I think I will give up for fixing this issue. Nevermind. Thanks a lot for all your help.
@Damian @Cirium @MartinD @arieonline
[root@test ~]# cat /dev/ppp
cat: /dev/ppp: Operation not permitted
so strange. It already become problem like this... ;(
@guyusoftware follow this tip
http://wiki.vpslink.com/TUN/TAP_device_with_OpenVPN_or_Hamachi
@DannyAlex different one. This is a issue for my openvz server. It seem something wrong to it.
If the print out information is not "Permission denied". That is quite easy to settle if without other issue.