OpenVZ Forum


Home » General » Support » 2.6.18-ovz028test015.1-enterprise
2.6.18-ovz028test015.1-enterprise [message #10095] Thu, 08 February 2007 07:41 Go to next message
youp is currently offline  youp
Messages: 82
Registered: September 2005
Location: Belgium
Member
hello,

i have change my kernel to 2.6.18-ovz028test015.1-enterprise,

my VZ has two network cards with two subnets (public and private)

but the VE's can't ping internet on boot of server ,
i must do this actions for VE work correctly :

/etc/init.d/vz stop
ifconfig eth1 down (private subnet)
/etc/init.d/vz start
vzctl start 130
.
.
.
ifconfig eth1 up
vzctl enter 130
ping x.x.x.x -> ok

best regards

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10099 is a reply to message #10095] Thu, 08 February 2007 08:41 Go to previous messageGo to next message
dim is currently offline  dim
Messages: 344
Registered: August 2005
Senior Member
Something wrong with routing or arp-related checks on VE's start. Please, more info.
1) do you have something weird in /var/log/vzctl.log?
2) could you check routing tables on Hn and inside VE in bath cases - when networking ok and when not?

http://static.openvz.org/openvz_userbar_en.gif

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10100 is a reply to message #10099] Thu, 08 February 2007 08:47 Go to previous messageGo to next message
youp is currently offline  youp
Messages: 82
Registered: September 2005
Location: Belgium
Member
nothing strange in /var/log/vzctl.log

and route are correct

and i don't have this problem with kernel 2.6.18-ovz028test010.1-enterprise

best regards

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10101 is a reply to message #10100] Thu, 08 February 2007 08:50 Go to previous messageGo to next message
dim is currently offline  dim
Messages: 344
Registered: August 2005
Senior Member
Could you give us access to the node?

http://static.openvz.org/openvz_userbar_en.gif

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10102 is a reply to message #10101] Thu, 08 February 2007 08:53 Go to previous messageGo to next message
youp is currently offline  youp
Messages: 82
Registered: September 2005
Location: Belgium
Member
not for now , the server is behind a firewall , but i can start few command for you ...

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10103 is a reply to message #10102] Thu, 08 February 2007 09:11 Go to previous messageGo to next message
dim is currently offline  dim
Messages: 344
Registered: August 2005
Senior Member
Ok

In situation when no network:
1) try to determine, where packets are lost.
ping x.x.x.x from VE in background, tcpdump (venet|veth) inside VE and on the node, tcpdump public interface
2) `ip r l` on the node and inside VE
3) `sysctl net.ipv4.ip_forward`

In situation when network ok:
2) `ip r l` on the node and inside VE

http://static.openvz.org/openvz_userbar_en.gif

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10104 is a reply to message #10103] Thu, 08 February 2007 09:26 Go to previous messageGo to next message
youp is currently offline  youp
Messages: 82
Registered: September 2005
Location: Belgium
Member
on VE :

tcpdump :

10:16:45.207552 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 244, length 64
10:16:46.207306 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 245, length 64
10:16:47.207066 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 246, length 64
10:16:48.206825 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 247, length 64
10:16:49.206594 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 248, length 64
10:16:50.206348 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 249, length 64
10:16:51.206110 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 250, length 64
10:16:52.205870 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 251, length 64
10:16:53.205638 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 252, length 64
10:16:54.205390 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 253, length 64
10:16:55.205157 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 254, length 64
10:16:56.204916 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 255, length 64
10:16:57.204674 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 256, length 64
10:16:58.204435 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 257, length 64
10:16:59.204196 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 258, length 64
10:17:00.203953 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 259, length 64
10:17:01.203720 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 260, length 64
10:17:02.203480 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 261, length 64
10:17:03.203240 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 262, length 64
10:17:04.202995 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 263, length 64
10:17:05.202756 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 264, length 64
10:17:06.202517 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 265, length 64
10:17:07.202279 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 266, length 64


on VH :

tcpdump -n icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
10:18:13.186484 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 332, length 64
10:18:14.186237 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 333, length 64
10:18:15.186002 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 334, length 64
10:18:16.185757 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 335, length 64
10:18:17.185511 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 336, length 64
10:18:18.185272 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 337, length 64
10:18:19.185034 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 338, length 64
10:18:20.184830 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 339, length 64
10:18:21.185565 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 340, length 64
10:18:22.186323 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 341, length 64
10:18:23.187082 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 342, length 64
10:18:24.187838 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 343, length 64
10:18:25.187611 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 344, length 64
10:18:26.187364 IP 193.221.123.12 > 195.238.2.21: ICMP echo request, id 11044, seq 345, length 64



2)

on VE :

ip r l
192.0.2.0/24 dev venet0 scope host
169.254.0.0/16 dev venet0 scope link
default via 192.0.2.1 dev venet0


on VH :

ip r l
193.221.123.12 dev venet0 scope link src 193.221.123.24
192.168.100.0/24 dev eth1 proto kernel scope link src 192.168.100.24
193.221.123.0/24 dev eth0 proto kernel scope link src 193.221.123.24
default via 193.221.123.254 dev eth0

sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1



4)

[root@vz4 log]# vzctl stop 12
Stopping VE ...
VE was stopped
VE is unmounted
[root@vz4 log]# ifconfig eth1 down
[root@vz4 log]# vzctl start 12
Starting VE ...
VE is mounted
Adding IP address(es): 193.221.123.12
Setting CPU units: 1000
Set hostname: mxredirect.allit.be
File resolv.conf was modified
VE start in progress...
[root@vz4 log]# ifconfig eth1 up
[root@vz4 log]# vzctl enter 12
entered into VE 12
[root@mxredirect /]# ping 195.238.2.21
PING 195.238.2.21 (195.238.2.21) 56(84) bytes of data.
64 bytes from 195.238.2.21: icmp_seq=1 ttl=53 time=16.5 ms

--- 195.238.2.21 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 16.557/16.557/16.557/0.000 ms


[root@mxredirect /]# ip r l
192.0.2.0/24 dev venet0 scope host
169.254.0.0/16 dev venet0 scope link
default via 192.0.2.1 dev venet0


on VH :

[root@vz4 log]# ip r l
193.221.123.12 dev venet0 scope link src 193.221.123.24
192.168.100.0/24 dev eth1 proto kernel scope link src 192.168.100.24
193.221.123.0/24 dev eth0 proto kernel scope link src 193.221.123.24
default via 193.221.123.254 dev eth0

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10106 is a reply to message #10104] Thu, 08 February 2007 09:58 Go to previous messageGo to next message
dim is currently offline  dim
Messages: 344
Registered: August 2005
Senior Member
1) from the above output I see, that ICMP requests pass through host and go to the link
2) what if you don't up eth1 at all?

http://static.openvz.org/openvz_userbar_en.gif

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10107 is a reply to message #10106] Thu, 08 February 2007 10:13 Go to previous messageGo to next message
youp is currently offline  youp
Messages: 82
Registered: September 2005
Location: Belgium
Member
if eth1 is down , all work fine

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10108 is a reply to message #10107] Thu, 08 February 2007 11:34 Go to previous messageGo to next message
dim is currently offline  dim
Messages: 344
Registered: August 2005
Senior Member
1) `sysctl net.ipv4.conf.eth0.proxy_arp`
2) `sysctl net.ipv4.conf.eth1.proxy_arp`
3) `sysctl net.ipv4.conf.venet0.proxy_arp`
?

http://static.openvz.org/openvz_userbar_en.gif

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10109 is a reply to message #10108] Thu, 08 February 2007 12:10 Go to previous messageGo to next message
youp is currently offline  youp
Messages: 82
Registered: September 2005
Location: Belgium
Member
[root@vz4 log]# sysctl net.ipv4.conf.eth0.proxy_arp
net.ipv4.conf.eth0.proxy_arp = 0
[root@vz4 log]# sysctl net.ipv4.conf.eth1.proxy_arp
net.ipv4.conf.eth1.proxy_arp = 0
[root@vz4 log]# sysctl net.ipv4.conf.venet0.proxy_arp
net.ipv4.conf.venet0.proxy_arp = 0
[root@vz4 log]#

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10110 is a reply to message #10109] Thu, 08 February 2007 12:44 Go to previous messageGo to next message
dim is currently offline  dim
Messages: 344
Registered: August 2005
Senior Member
And probably sysctl net.ipv4.conf.all.proxy_arp = 1
If so, I advice to set sysctl net.ipv4.conf.eth0.proxy_arp=1, sysctl net.ipv4.conf.venet0.proxy_arp=1 and net.ipv4.conf.all.proxy_arp=0.

http://static.openvz.org/openvz_userbar_en.gif

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10112 is a reply to message #10110] Thu, 08 February 2007 12:50 Go to previous messageGo to next message
youp is currently offline  youp
Messages: 82
Registered: September 2005
Location: Belgium
Member
no

[root@vz4 log]# sysctl net.ipv4.conf.all.proxy_arp
net.ipv4.conf.all.proxy_arp = 0


if i change value :

[root@vz4 log]# sysctl net.ipv4.conf.eth0.proxy_arp=1
net.ipv4.conf.eth0.proxy_arp = 1
[root@vz4 log]# sysctl net.ipv4.conf.venet0.proxy_arp=1
net.ipv4.conf.venet0.proxy_arp = 1
[root@vz4 log]# sysctl net.ipv4.conf.all.proxy_arp=0
net.ipv4.conf.all.proxy_arp = 0
[root@vz4 log]# vzctl stop 12
Stopping VE ...
VE was stopped
VE is unmounted
[root@vz4 log]# vzctl start 12
Starting VE ...
VE is mounted
Adding IP address(es): 193.221.123.12
Setting CPU units: 1000
Set hostname: mxredirect.allit.be
File resolv.conf was modified
VE start in progress...
[root@vz4 log]# vzctl enter 12
entered into VE 12
[root@mxredirect /]# ping 195.238.2.21
PING 195.238.2.21 (195.238.2.21) 56(84) bytes of data.

--- 195.238.2.21 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 2999ms

[root@mxredirect /]#

i doesn't work Sad

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10136 is a reply to message #10095] Fri, 09 February 2007 10:40 Go to previous messageGo to next message
Vasily Tarasov is currently offline  Vasily Tarasov
Messages: 1345
Registered: January 2006
Senior Member
Hello,

can you inform me, please,
do you have any VEs with onboot option turned on?

Thank you,
Vasily.

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10138 is a reply to message #10112] Fri, 09 February 2007 10:58 Go to previous messageGo to next message
dim is currently offline  dim
Messages: 344
Registered: August 2005
Senior Member
`sysctl -a | grep rp_filter`?

http://static.openvz.org/openvz_userbar_en.gif

Report message to a moderator

Re: 2.6.18-ovz028test015.1-enterprise [message #10142 is a reply to message #10138] Fri, 09 February 2007 12:04 Go to previous message
youp is currently offline  youp
Messages: 82
Registered: September 2005
Location: Belgium
Member
no there are no VPS with ONBOOT yes.

sysctl -a | grep rp_filter

net.ipv4.conf.venet0.arp_filter = 0
net.ipv4.conf.venet0.rp_filter = 1
net.ipv4.conf.eth1.arp_filter = 0
net.ipv4.conf.eth1.rp_filter = 1
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.rp_filter = 1

Report message to a moderator

Previous Topic: Prevent unmount inside VE
Next Topic: Using NAT in VE problem? help~~~
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Sun Nov 03 16:36:28 GMT 2024

Total time taken to generate the page: 0.03669 seconds
Powered by FUDforum Powered by Virtuozzo Containers