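How do I make Docker containers visible to OpenVPN clients?

I have set up an OpenVPN server with the default subnet settings, and I am running some Docker containers.

I managed to make them pingable by adding push "route 172.17.0.0 255.255.0.0" to the OpenVPN server.conf, but I cannot connect to any service running on the Docker containers.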

    $ ping 172.17.0.3
    Pinging 172.17.0.3 with 32 bytes of data:
    Reply from 172.17.0.3: bytes=32 time=29ms TTL=63
    Reply from 172.17.0.3: bytes=32 time=29ms TTL=63
    Reply from 172.17.0.3: bytes=32 time=30ms TTL=63
    Reply from 172.17.0.3: bytes=32 time=29ms TTL=63
    Ping statistics for 172.17.0.3:
        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 29ms, Maximum = 30ms, Average = 29ms
    $ ssh 172.17.0.3
    ssh: connect to host 172.17.0.3 port 22: Connection timed out

My networking teacher helped me. The solution was to add these iptables rules:

    iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to 172.17.0.1
    iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
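
The FORWARD rule above accepts forwarded packets from 10.8.0.0/24 to any destination, and the SNAT rule rewrites all traffic from that subnet. The script below is an added example, not part of the original answer, that scopes both rules to the Docker bridge and only appends a rule when it is missing. The interface names `tun0` and `docker0` and all function names are assumptions; the subnets and gateway address are the ones from the post.

```shell
#!/bin/sh
# Added example: scoped, idempotent variant of the two rules from the answer.
VPN_NET="${VPN_NET:-10.8.0.0/24}"          # VPN client subnet (from the post)
DOCKER_NET="${DOCKER_NET:-172.17.0.0/16}"  # pushed route (from the post)
DOCKER_GW="${DOCKER_GW:-172.17.0.1}"       # SNAT address (from the post)
VPN_IF="${VPN_IF:-tun0}"                   # assumption: OpenVPN interface
DOCKER_IF="${DOCKER_IF:-docker0}"          # assumption: Docker bridge interface

# Accept only digits, dots and one slash-separated prefix, so a bad value
# cannot smuggle extra iptables arguments into the rule.
is_cidr() {
    case "$1" in
        *[!0-9./]*|'') return 1 ;;
        */*) return 0 ;;
        *) return 1 ;;
    esac
}

# One rule per line: "<table> <chain> <match and target>".
rule_specs() {
    printf '%s\n' \
        "nat POSTROUTING -s $VPN_NET -d $DOCKER_NET -o $DOCKER_IF -j SNAT --to-source $DOCKER_GW" \
        "filter FORWARD -i $VPN_IF -o $DOCKER_IF -s $VPN_NET -d $DOCKER_NET -j ACCEPT"
}

# apply_rules dry-run : print the commands that would be run (default)
# apply_rules apply   : run them as root, skipping rules that already exist
apply_rules() {
    mode="${1:-dry-run}"
    is_cidr "$VPN_NET" && is_cidr "$DOCKER_NET" || {
        echo "refusing: subnet is not in a.b.c.d/n form" >&2
        return 1
    }
    rule_specs | while read -r table chain spec; do
        if [ "$mode" = "apply" ]; then
            # -C exits 0 when an identical rule is already present.
            # $spec is left unquoted on purpose so it splits into arguments.
            iptables -t "$table" -C "$chain" $spec 2>/dev/null ||
                iptables -t "$table" -A "$chain" $spec
        else
            echo "iptables -t $table -A $chain $spec"
        fi
    done
}

apply_rules "${1:-dry-run}"
```

With these rules VPN clients reach only 172.17.0.0/16 through the bridge; anything else they send through the host is left to the existing FORWARD policy.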