OpenVZ Forum


Home » General » Support » *SOLVED* Connect VE to two different networks on two different NIC's
*SOLVED* Connect VE to two different networks on two different NIC's [message #12274] Mon, 23 April 2007 20:46 Go to next message
abachn is currently offline  abachn
Messages: 6
Registered: April 2007
Junior Member
Hi

I'm a bit new to openvz, but I have a (actually two) machines running openvz kernel 2.6.18 -028.027 kernel on a gentoo base system!

The machine has two NIC's. One connected to an internal net with private ip's and one connected to an external net with public ip's.

My question is now, is it possible for a VE to have two ip addresses, one on each network ?
Its default gateway is on the external net, the internal net is only for accessing services that are not public!

If, it is possible! How should the be done!

I hope somebody will through me a bone and give me some directions on how to do this. Thank you!

/Anders

[Updated on: Fri, 11 May 2007 07:54] by Moderator

Report message to a moderator

Re: Connect VE to two different networks on two different NIC's [message #12283 is a reply to message #12274] Tue, 24 April 2007 08:08 Go to previous messageGo to next message
Vasily Tarasov is currently offline  Vasily Tarasov
Messages: 1345
Registered: January 2006
Senior Member
Hello,

yes it is possible. As you probably know vzctl has --ipadd option. Using this option you can add any number of IP adвresses:
root@HN# vzctl set <veid> --ipadd <IP-1> --save
root@HN# vzctl set <veid> --ipadd <IP-2> --save
This will create two venet devices in VE. Then you should check that routing is set properly on HN.

Vasily.

Report message to a moderator

Re: Connect VE to two different networks on two different NIC's [message #12749 is a reply to message #12283] Tue, 08 May 2007 17:07 Go to previous messageGo to next message
abachn is currently offline  abachn
Messages: 6
Registered: April 2007
Junior Member
Thank you for your answer and it works ... kind of!!

The situation is as follows! I have these servers..

(HN1) Hardware node 1: non-openvz hosts, both a public and private ip

(HN2) Hardware node 2: openvz-hosts, running several VE instances, both public and private ip

VE 1: minimal host with public and private ip

VE 2: minimal host with public and private ip

The problem is now that I can't ping HN1 from a VE on the private class A network!

I can ping

HN2 -> HN1
HN1 -> HN2
HN2 -> VE1
VE1 -> HN2
VE1 -> VE2

but not!!!

VE1 -> HN1

On the private network ... I can ping from VE1 -> HN1 on the public network....

I have not done any routing setup on HN2 (chloe)
chloe ~ # ip a l
2: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:12:79:39:3f:b9 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.151/24 brd 10.0.0.255 scope global eth0
4: eth1: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:12:79:39:4f:11 brd ff:ff:ff:ff:ff:ff
inet 217.195.176.151/24 brd 217.195.176.255 scope global eth1
6: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
8: tunl0: <NOARP> mtu 1480 qdisc noop
link/ipip 0.0.0.0 brd 0.0.0.0
10: gre0: <NOARP> mtu 1476 qdisc noop
link/gre 0.0.0.0 brd 0.0.0.0
1: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,10000> mtu 1500 qdisc noqueue
link/void

chloe ~ # ip r l
217.195.176.140 dev venet0 scope link
10.0.0.161 dev venet0 scope link
217.195.176.141 dev venet0 scope link
217.195.176.142 dev venet0 scope link
217.195.176.139 dev venet0 scope link
10.0.0.141 dev venet0 scope link
217.195.176.161 dev venet0 scope link
10.0.0.140 dev venet0 scope link
217.195.176.0/24 dev eth1 proto kernel scope link src 217.195.176.151
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.151
127.0.0.0/8 dev lo scope link
default via 217.195.176.1 dev eth1

What am I missing to route trafik from VE* -> HN1 ... a physical host on the private network!!

I hope you can help!!

Report message to a moderator

Re: Connect VE to two different networks on two different NIC's [message #12754 is a reply to message #12749] Tue, 08 May 2007 20:12 Go to previous messageGo to next message
morik is currently offline  morik
Messages: 33
Registered: January 2006
Member
Please show also for HN1
ip a l
ip r l

Report message to a moderator

Re: Connect VE to two different networks on two different NIC's [message #12766 is a reply to message #12754] Wed, 09 May 2007 07:03 Go to previous messageGo to next message
abachn is currently offline  abachn
Messages: 6
Registered: April 2007
Junior Member
HN1 (non openvz system, names christa)

christa ~ # ip a l
1: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0b:cd:29:41:fb brd ff:ff:ff:ff:ff:ff
inet 10.0.0.154/24 brd 10.0.0.255 scope global eth0
inet6 fe80::20b:cdff:fe29:41fb/64 scope link
valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0b:cd:29:41:fa brd ff:ff:ff:ff:ff:ff
inet 217.195.176.154/24 brd 217.195.176.255 scope global eth1
inet6 fe80::20b:cdff:fe29:41fa/64 scope link
valid_lft forever preferred_lft forever
3: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0

christa ~ # ip r l
217.195.176.0/24 dev eth1 proto kernel scope link src 217.195.176.154
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.154
127.0.0.0/8 dev lo scope link
default via 217.195.176.1 dev eth1

I can ping all other combinations of hosts but not on the private class A network from VE1 (citha) to HN1 (christa)

Here are the information on citha!
citha / # ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:217.195.176.141 P-t-P:217.195.176.141 Bcast:0.0.0.0 Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:17740 errors:0 dropped:0 overruns:0 frame:0
TX packets:17899 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1692354 (1.6 Mb) TX bytes:2990896 (2.8 Mb)

venet0:1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.0.0.141 P-t-P:10.0.0.141 Bcast:0.0.0.0 Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:17740 errors:0 dropped:0 overruns:0 frame:0
TX packets:17899 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1692354 (1.6 Mb) TX bytes:2990896 (2.8 Mb)

citha / # ip a l
1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
3: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,10000> mtu 1500 qdisc noqueue
link/void
inet 217.195.176.141/32 scope global venet0
inet 10.0.0.141/32 scope global venet0:1

citha / # ip r l
192.0.2.0/24 dev venet0 scope link
127.0.0.0/8 via 127.0.0.1 dev lo scope link
default via 192.0.2.1 dev venet0

Report message to a moderator

Re: Connect VE to two different networks on two different NIC's [message #12779 is a reply to message #12766] Wed, 09 May 2007 09:15 Go to previous messageGo to next message
Andrey Mirkin is currently offline  Andrey Mirkin
Messages: 193
Registered: May 2006
Senior Member
Try to ping HN1 from VE1 with following command:

ping -I 10.0.0.141 10.0.0.154

Andrey Mirkin
http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

Re: Connect VE to two different networks on two different NIC's [message #12782 is a reply to message #12779] Wed, 09 May 2007 09:30 Go to previous messageGo to next message
abachn is currently offline  abachn
Messages: 6
Registered: April 2007
Junior Member
citha / # ping -I 10.0.0.141 10.0.0.154
PING 10.0.0.154 (10.0.0.154) from 10.0.0.141 : 56(84) bytes of data.
64 bytes from 10.0.0.154: icmp_seq=1 ttl=63 time=142 ms
64 bytes from 10.0.0.154: icmp_seq=2 ttl=63 time=0.140 ms
64 bytes from 10.0.0.154: icmp_seq=3 ttl=63 time=0.097 ms
64 bytes from 10.0.0.154: icmp_seq=4 ttl=63 time=0.106 ms
64 bytes from 10.0.0.154: icmp_seq=5 ttl=63 time=0.109 ms

--- 10.0.0.154 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4003ms
rtt min/avg/max/mdev = 0.097/28.548/142.290/56.871 ms

So it works, thank you! But.. how do I tell it to use the address 10.0.0.141 everytime it tries to reach a class A address ??

If I for instanse want to make a mysql connection from VE1 -> HN1 ?

Report message to a moderator

Re: Connect VE to two different networks on two different NIC's [message #12786 is a reply to message #12782] Wed, 09 May 2007 12:41 Go to previous messageGo to next message
morik is currently offline  morik
Messages: 33
Registered: January 2006
Member
try to add in VE
ip route add 10.0.0.154/32 dev venet0 src 10.0.0.141

Report message to a moderator

SOLVED * Re: Connect VE to two different networks on two different NIC's [message #12787 is a reply to message #12786] Wed, 09 May 2007 12:56 Go to previous message
abachn is currently offline  abachn
Messages: 6
Registered: April 2007
Junior Member
Thank you, that did it Smile

Report message to a moderator

Previous Topic: CTRL-C not working inside VPS
Next Topic: *SOLVED* ISDN PRI with OpenVZ
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Sun Nov 17 13:24:57 GMT 2024

Total time taken to generate the page: 0.02966 seconds
Powered by FUDforum Powered by Virtuozzo Containers