mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-23 06:38:53 +01:00
Update the Vserver article with IPv6 and a graphic
This commit is contained in:
parent
338c021272
commit
f538aecd82
@ -88,8 +88,12 @@
|
|||||||
<section>
|
<section>
|
||||||
<title>Vserver Zones</title>
|
<title>Vserver Zones</title>
|
||||||
|
|
||||||
<para>You create a zone that includes one or more Linux-vserver instances
|
<para>Here is a diagram of the network configuration here at Shorewall.net
|
||||||
as follow.</para>
|
during the summer of 2010:</para>
|
||||||
|
|
||||||
|
<graphic align="center" fileref="images/Network2010a.png" />
|
||||||
|
|
||||||
|
<para>I created a zone for the vservers as follows:</para>
|
||||||
|
|
||||||
<para><filename>/etc/shorewall/zones</filename>:</para>
|
<para><filename>/etc/shorewall/zones</filename>:</para>
|
||||||
|
|
||||||
@ -116,5 +120,27 @@ drct eth3:dynamic
|
|||||||
|
|
||||||
<para>Once a vserver zone is defined, it can be used like any other zone
|
<para>Once a vserver zone is defined, it can be used like any other zone
|
||||||
type.</para>
|
type.</para>
|
||||||
|
|
||||||
|
<para>Here is the corresponding IPv6 configuration.</para>
|
||||||
|
|
||||||
|
<para><filename>/etc/shorewall6/zones</filename></para>
|
||||||
|
|
||||||
|
<programlisting>#ZONE TYPE OPTIONS IN OUT
|
||||||
|
# OPTIONS OPTIONS
|
||||||
|
fw firewall
|
||||||
|
net ipv6
|
||||||
|
loc ipv6
|
||||||
|
vpn ipv6
|
||||||
|
<emphasis role="bold">dmz ipv6</emphasis>
|
||||||
|
</programlisting>
|
||||||
|
|
||||||
|
<para><filename>/etc/shorewall6/hosts</filename>:</para>
|
||||||
|
|
||||||
|
<programlisting>#ZONE HOST(S) OPTIONS
|
||||||
|
dmz sit1:[2001:470:e857:1::/64]</programlisting>
|
||||||
|
|
||||||
|
<para>Note that I choose to place the Vservers on sit1 (the IPv6 net
|
||||||
|
interface) rather than on eth1. Again, it really doesn't matter
|
||||||
|
much.</para>
|
||||||
</section>
|
</section>
|
||||||
</article>
|
</article>
|
||||||
|
BIN
docs/images/Network2010a.dia
Normal file
BIN
docs/images/Network2010a.dia
Normal file
Binary file not shown.
BIN
docs/images/Network2010a.png
Normal file
BIN
docs/images/Network2010a.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 101 KiB |
Loading…
Reference in New Issue
Block a user