I have a dedicated server (running Ubuntu 20.04) running a VM in Virtualbox. This VM (also running on Ubuntu 20.04) has several applications running in dedicated LXC containers managed by LXD. The VM is connected to the host using a Host-only Adapter on the interface vboxnet0 and the containers use an LXD bridge. So I have the following structure (the IP are obviously not the real ones):
- Dedicated server: public IP 66.66.66.66, host-only adapter IP 55.55.55.1
- VM: Host-only adapter IP 55.55.55.2, LXD bridge IP 44.44.44.1
- Application container: LXD bridge IP 44.44.44.2
What i'm trying to do is to redirect the traffic to the public IP and a specific port (let's say 80) to the container hosting the adapted service, something like 66.66.66.66:80 -> 44.44.44.2:80.
The idea I had was to create a specific route in my dedicated server in order to make the LXD subnet accessible:
- ip route add 44.44.44.0/24 via 55.55.55.2 dev vboxnet0
Then to setup an IPTABLES redirection (using information from this post:Channel all the traffic on an IP to a VM)
- iptables -t nat -A PREROUTING -p tcp -d 66.66.66.66 --dport 80 -j DNAT --to-destination 44.44.44.2
- iptables -t nat -A POSTROUTING -p tcp -s 44.44.44.2 -j MASQUERADE
After that, i'm still unable to reach my container using the public ip. What am i doing wrong ? Any help will be welcome.
