Forward Ports to Private VEs (DNAT)

Use network address translation (DNAT) to forward ports to virtual machines which are connected in a private subnet (e.g. The following statement will forward all packets received at the HN eth0 interface on port 443 to the virtual interface with address, port 443.

hn# iptables -A PREROUTING -t nat -i eth0 -p tcp -d --dport 443 -j DNAT --to-dest

Make sure you specified the HN interface address (-d) otherwise request of all VEs will be sent to the specified destination host as well. Use the following command to list iptables NAT rules

hn# iptables -L -n -t nat
target prot opt source destination
DNAT tcp -- tcp dpt:80 to: