Home Explore Help
Sign In
Qubes
/
core-agent-linux
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

network: use /32 netmask on internal IPs in NAT providing namespace

Use /32 inside network namespace too. Otherwise inter-VM traffic is
broken - as all VMs seems to be in a single /24 subnet, but in fact are
not.

QubesOS/qubes-issues#1143
Marek Marczykowski-Górecki 7 years ago
parent
c8213ea55a
commit
24b726a3bf
1 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 2 2
      network/vif-qubes-nat.sh

+ 2 - 2
network/vif-qubes-nat.sh
View File 

@@ -1,7 +1,6 @@
 
 #!/bin/bash
 
 #set -x
 
 
-netvm_subnet=/24
 
 undetectable_netvm_ips=
 
 
 netns="${vif}-nat"
 
@@ -85,13 +84,14 @@ if test "$command" == online; then
 
         netns iptables -t nat -I POSTROUTING -o "$netns_appvm_if" -s "$netvm_dns2_ip" -j SNAT --to-source "$appvm_dns2_ip"
 
     fi
 
 
-    netns ip addr add "$netvm_ip$netvm_subnet" dev "$netns_netvm_if"
 
+    netns ip addr add "$netvm_ip" dev "$netns_netvm_if"
 
     netns ip addr add "$appvm_gw_ip" dev "$netns_appvm_if"
 
 
     netns ip link set "$netns_netvm_if" up
 
     netns ip link set "$netns_appvm_if" up
 
 
     netns ip route add "$appvm_ip" dev "$netns_appvm_if" src "$appvm_gw_ip"
 
+    netns ip route add "$netvm_gw_ip" dev "$netns_netvm_if" src "$netvm_ip"
 
     netns ip route add default via "$netvm_gw_ip" dev "$netns_netvm_if" src "$netvm_ip"