我已经使用默认子网设置设置了一个 Openvpn 服务器,并且正在运行一些 Docker 容器。
我设法通过添加push "route 172.17.0.0 255.255.0.0"到 openvpn使它们可 ping 通server.conf,但我无法连接到 Docker 容器上运行的任何服务。
$ ping 172.17.0.3
Pinging 172.17.0.3 with 32 bytes of data:
Reply from 172.17.0.3: bytes=32 time=29ms TTL=63
Reply from 172.17.0.3: bytes=32 time=29ms TTL=63
Reply from 172.17.0.3: bytes=32 time=30ms TTL=63
Reply from 172.17.0.3: bytes=32 time=29ms TTL=63
Ping statistics for 172.17.0.3:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 30ms, Average = 29ms
$ ssh 172.17.0.3
ssh: connect to host 172.17.0.3 port 22: Connection timed out
答案1
我的网络老师帮助了我。解决方案是添加以下 iptables 规则:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to 172.17.0.1
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT