OpenVZ Forum


Home » General » Support » VPS routing with venet0
VPS routing with venet0 [message #21598] Thu, 11 October 2007 20:51 Go to next message
galaxy is currently offline  galaxy
Messages: 11
Registered: January 2006
Junior Member
I'm having an issue with routing between 3 machines, 2 with OpenVZ and one with Virtuozzo.

Machine A and B have OpenVZ, machine C has Virtuozzo.
I'll call the VPS's affected A1, B2 and C3 (each a VPS in
the associated hardware node A, B and C.

All hardware nodes have private addresses, VPS's have public IP's.
(fake IP's below:)

A has 10.0.0.86
B has 10.0.0.40
C has 10.0.0.50

All of them have a default route to 10.0.0.1.

A1 has 192.168.1.10
B2 has 192.168.1.20
B3 has 192.168.1.30

All VPS's are running SMTP servers on port 25.
All VPS's can ping all other VPS's.

A1 can connect to port 25 on both B2 and C3.
B2 can connect to port 25 on C3
C3 can connect to port 25 on B2

Neither B2 nor C3 can connect to port 25 on A1 and get the message "No route to host", but give a proper "Connection refused" to port 80 (no webserver, so thats correct) and they can ping. Its only routing via port 25 (or any valid port a service is listening to). There's no iptables or firewall running.

A has kernel 2.6.18-ovz028stab031.1-enterprise (open VZ)
B has kernel 2.6.8-022stab061.1-enterprise (open VZ)
C has kernel 2.6.9-023stab043.1-enterprise (virtuozzo)

So the problem is that B2 and C3 cannot connect to A1 services,
however any non-vz operating system (pure linux, solaris, cisco router, etc.) can connect to A1 services without a problem. It seems to only be affected by vps's connecting to this VPS.

A1 and B2 are both supposed to be inbound mail servers backing each other up, however I can't get to A1 from any other VPS on the network, only normal/regular hosts.

What am I missing?

Report message to a moderator

Re: VPS routing with venet0 [message #21628 is a reply to message #21598] Fri, 12 October 2007 12:05 Go to previous messageGo to next message
vaverin is currently offline  vaverin
Messages: 708
Registered: September 2005
Senior Member
Hi Brian,

it's very difficult to understand the cause of this problem without access to your nodes. You can send the access permission to me via PM, I'll try to investigate this issue on the next week. On the other hand Virtuozzo has nice support and you can request its help too.

thank you,
Vasily Averin

Report message to a moderator

Re: VPS routing with venet0 [message #21646 is a reply to message #21598] Fri, 12 October 2007 13:37 Go to previous messageGo to next message
galaxy is currently offline  galaxy
Messages: 11
Registered: January 2006
Junior Member
I didn't think virtuozzo support included communications to a non-virtuozzo server (openVZ), so I figured I'd check here.

One thing I forgot to mention is that all of the VE's also have internal 10.x IP addresses. The public IP is listed first and is the one that shows up on vzlist, and they're all accessible on the internet. Due to some of them being production servers, I'm reluctant to send out credentials to the public...

I was wondering if kernel swapping the kernel to an older kernel matching the other openVZ system and see if that helps. I just need the virtuozzo node (C) to be able to talk to both the openVZ nodes (A & B) interchangably. I believe the configuration of both openVZ nodes are nearly identical, except for the one not working (A) has a newer kernel.

Report message to a moderator

Re: VPS routing with venet0 [message #21647 is a reply to message #21646] Fri, 12 October 2007 14:06 Go to previous messageGo to next message
vaverin is currently offline  vaverin
Messages: 708
Registered: September 2005
Senior Member
Brian,

For invetigation we need to look at the routing/arp tables on your nodes and then to trace the packets by using tcpdump utility. Please tell me if you need some assistence, but it's very likely I'll be accessible after weekend only.

Thank you,
Vasily Averin

Report message to a moderator

Re: VPS routing with venet0 [message #21650 is a reply to message #21598] Fri, 12 October 2007 15:35 Go to previous message
galaxy is currently offline  galaxy
Messages: 11
Registered: January 2006
Junior Member
OK, I ran tcpdumps in both the hardware node and VPS on both sides as to where its failing.

On virtuozzo hw node, I see all packets going out, including to both port 25 and 80.

On openVZ hw node, I only see packets to port 80 (with the connection refused returned).

I suspect the 2.6.10 openVZ kernel is dropping the packets.
Its strange that the port 80 packets show up but silence from the port 25 packets. It can't be the router as it forwards only by IP, doesn't take the port into account.

I'm going to try different kernels.
Currently on the openVZ node has the following packages:

vzctl-3.0.16-1
vzctl-lib-3.0.16-1
vzquota-3.0.9-1
kernel-enterprise-2.6.18-ovz028stab031.1

The openVZ node that is working has:

vzctl-2.7.0-25
vzctl-lib-2.7.0-25
vzquota-2.7.0-7
ovzkernel-enterprise-2.6.8-022stab061.1


I think I can immediately try:
kernel-2.6.18-ovz028stab045.1.i686.rpm
which is just a rev up from the current one.
But if I want to bring it back to the exact same one on
the other box, do I also have to revert the vzctl & vzquota
packages?

Report message to a moderator

Previous Topic: Godaddy
Next Topic: Missing Crontab pkg for Ubuntu OS template.
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Mon Jul 22 20:24:53 GMT 2024

Total time taken to generate the page: 0.03220 seconds
Powered by FUDforum Powered by Virtuozzo Containers