How can I make port routing for containers in proxmos?

Question

I use proxmox and I need to make port routing for virtual machines and containers, I use:

qm set 100 -args "--redir tcp:1000::1001"»

Command for port routing on VM. It works well, but doesn't work for containers. The error when I use it for containers is:

Configuration file '100.conf' does not exist.

How can I make port routing for containers in proxmox?

Answer 1

The qm command in proxmox is used for qemu virtual machines (kvm) and not for the LXC containers. It's normal not to work for LXC since when executed, it tries to find a kvm virtual machine configuration for that ID. That id being an LXC container and not a KVM machine, has no configuration file.

In order to map ports to an LXC container you'll have to use iptables (afaik there is no similar qm tool for lxc). Login to your proxmox server via SSH, become root and the syntax for port forwarding is like this:

sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport PORT -j DNAT --to [LXC-container-IP:PORT]

For example if you want to map let's say port 9999 to port 9999 of your LXC container (let's assume the lxc container has ip 1.1.1.1 for the sake of the example), your iptables rule is:

sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 9999 -j DNAT --to [1.1.1.1:9999]

Please keep in mind that, your default ethernet device might not be eth0 but vmbr0 or whatever that is. So replace eth0 with the corresponding device.