OpenVZ Forum: Support » (SOLVED) sysctl -p issue

Home » General » Support » (SOLVED) sysctl -p issue

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

(SOLVED) sysctl -p issue [message #23824]

Tue, 27 November 2007 13:43

soptom
Messages: 34
Registered: October 2007
Location: Greece

Member

After some hours (of inactivity?) i have to sysctl -p on HN, otherwise the VPS i created does not have netwotk.
I am sorry abut those silly questions but i am new to openVZ and i need some help....

Thank you in advance

[Updated on: Tue, 11 December 2007 01:12]

Report message to a moderator

Re: sysctl -p issue [message #23858 is a reply to message #23824]

Wed, 28 November 2007 08:01

vaverin
Messages: 708
Registered: September 2005

Senior Member

Hi soptom
could you please explain your problem in more details?

thank you,
Vasily Averin

Report message to a moderator

Re: sysctl -p issue [message #23870 is a reply to message #23858]

Wed, 28 November 2007 10:10

soptom
Messages: 34
Registered: October 2007
Location: Greece

Member

I installed openvz, created a VM everything is ok.
The VM has network with dedicated ip. After some hours the VM does not have network.
Accidently i found that when i sysctl -p on HN network comes back on VM.
I attach the sysctl because i saw that has some errors on it...

Attachment: sysctl -p -a.rtf
(Size: 10.91KB, Downloaded 626 times)

Report message to a moderator

Re: sysctl -p issue [message #23872 is a reply to message #23870]

Wed, 28 November 2007 10:32

vaverin
Messages: 708
Registered: September 2005

Senior Member

Hi soptom,

soptom wrote on Wed, 28 November 2007 13:10

The VM has network with dedicated ip. After some hours the VM does not have network.

Could you please explain -- what do you mean under "... VM does not have network"?
is interface down inside VE?
some configuration are changed?
do you able to ping HW node from inside VE?
is VE pingable from HW node?

thank you,
Vasily Averin

Report message to a moderator

Re: sysctl -p issue [message #23890 is a reply to message #23872]

Wed, 28 November 2007 13:07

soptom
Messages: 34
Registered: October 2007
Location: Greece

Member

Could you please explain -- what do you mean under "... VM does not have network"?
is interface down inside VE?
interface is up, but no network
some configuration are changed?

Not manually, i dont know if the HN does something by itself (cron or something)

do you able to ping HW node from inside VE?
finally YES

is VE pingable from HW node?
yes

[Updated on: Thu, 29 November 2007 09:35]

Report message to a moderator

Re: sysctl -p issue [message #24037 is a reply to message #23890]

Fri, 30 November 2007 13:09

soptom
Messages: 34
Registered: October 2007
Location: Greece

Member

Anyone?

Report message to a moderator

Re: sysctl -p issue [message #24223 is a reply to message #24037]

Mon, 03 December 2007 10:48

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

Sorry for delay.

Well, you can ping HN from inside VE and can ping VE from HN. But what does it mean "... VM does not have network"? You cannot ping other host in your subnet from inside VE? If you cannot do it from inside VE can you ping this hosts from inside HN?

Thank You!

Report message to a moderator

Re: sysctl -p issue [message #24227 is a reply to message #24223]

Mon, 03 December 2007 11:15

soptom
Messages: 34
Registered: October 2007
Location: Greece

Member

Dont be sorry i must thank you every time, for your time!
The VE does not ping " outside" world, ip's or hostnames.
The HN does.
The problem stosp when i syctl -p on HN
I allready sent a copy of syctl and you can check it, i think it has some errors on it...

"You cannot ping other host in your subnet from inside VE?"
No, only localhost"

Thank you very much...

Report message to a moderator

Re: sysctl -p issue [message #24239 is a reply to message #24227]

Mon, 03 December 2007 13:28

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

1. Can you please give us output of the following commands (when you have not network inside the VE):
"cat /proc/sys/net/ipv4/ip_forward" (on HN)
2. "ip a l" (in VE and on HN)
3. "ip r l" (in VE and on HN)
4. Do you use iptables on HN? If yes:
"iptables -n -L" and "iptables -t nat -n -L"

Thank You!

[Updated on: Mon, 03 December 2007 13:28]

Report message to a moderator

Re: sysctl -p issue [message #24297 is a reply to message #24239]

Mon, 03 December 2007 18:23

soptom
Messages: 34
Registered: October 2007
Location: Greece

Member

[root@master2 ~]# cat /proc/sys/net/ipv4/ip_forward
0
HARDWARE NODE
[root@master2 ~]# ip a l
2: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:b3:b7:29:75 brd ff:ff:ff:ff:ff:ff
inet 91.194.90.25/25 brd 91.194.90.127 scope global eth0
inet6 fe80::202:b3ff:feb7:2975/64 scope link
valid_lft forever preferred_lft forever
6: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
1: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/void
[root@master2 ~]# ip r l
91.194.90.126 dev venet0 scope link
91.194.90.0/25 dev eth0 proto kernel scope link src 91.194.90.25
169.254.0.0/16 dev eth0 scope link
default via 91.194.90.1 dev eth0

VE

[root@fc6 /]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/void
inet 127.0.0.1/32 scope host venet0
inet 91.194.90.126/32 brd 91.194.90.126 scope global venet0:0
[root@fc6 /]# ip r l
192.0.2.0/24 dev venet0 scope host
169.254.0.0/16 dev venet0 scope link
default via 192.0.2.1 dev venet0

HARDWARE NODE
iptables commands and results attached with files named iptables1.txt and iptables2.txt

Attachment: iptables1.txt
(Size: 52.58KB, Downloaded 273 times)
Attachment: iptables2.txt
(Size: 0.28KB, Downloaded 285 times)

Report message to a moderator

Re: sysctl -p issue [message #24309 is a reply to message #24297]

Mon, 03 December 2007 21:24

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

1. Try the following command (on HN):

#echo 1 > /proc/sys/net/ipv4/ip_forward

Is the problem still occur?

Thank You!

Report message to a moderator

Re: sysctl -p issue [message #24380 is a reply to message #24309]

Tue, 04 December 2007 11:58

soptom
Messages: 34
Registered: October 2007
Location: Greece

Member

It seems that is ok now. I will check it again in few hours and i let you know in details...

Report message to a moderator

Re: sysctl -p issue [message #24459 is a reply to message #24309]

Wed, 05 December 2007 10:15

soptom
Messages: 34
Registered: October 2007
Location: Greece

Member

Unfortunetly the VE after few hours has the same issue, no connection to outer world. No changes or activity made to HN since my last post...

Report message to a moderator

Re: sysctl -p issue [message #24462 is a reply to message #24459]

Wed, 05 December 2007 10:18

vaverin
Messages: 708
Registered: September 2005

Senior Member

Do You mean that ip_forward on your node shows 0 again?

Report message to a moderator

Re: sysctl -p issue [message #24480 is a reply to message #24462]

Wed, 05 December 2007 14:08

soptom
Messages: 34
Registered: October 2007
Location: Greece

Member

That is correct, it shows 0 (zero)

vaverin wrote on Wed, 05 December 2007 12:18

Do You mean that ip_forward on your node shows 0 again?

Report message to a moderator

Re: sysctl -p issue [message #24483 is a reply to message #24480]

Wed, 05 December 2007 14:22

vaverin
Messages: 708
Registered: September 2005

Senior Member

crontab task
or black magic Smile

Report message to a moderator

Re: sysctl -p issue [message #24485 is a reply to message #24483]

Wed, 05 December 2007 14:28

ugob
Messages: 271
Registered: March 2007

Senior Member

are your running apf 0.9.6-2?

Please read the manual before asking questions:
http://download.openvz.org/doc/OpenVZ-Users-Guide.pdf

Please have a look at the wiki before asking questions:
http://wiki.openvz.org/Main_Page

Report message to a moderator

Re: sysctl -p issue [message #24486 is a reply to message #24297]

Wed, 05 December 2007 14:30

ugob
Messages: 271
Registered: March 2007

Senior Member

Look at your conf.apf file:

# These are system control (sysctl) option changes to provide protection from
# spoofed packets and ip/arp/route redirection. If you are performing advanced
# routing policies on this host such as NAT/MASQ you should disable this.
SYSCTL_ROUTE="0"

Yours is probably at "1".

Check on your HN and in your VEs

Please read the manual before asking questions:
http://download.openvz.org/doc/OpenVZ-Users-Guide.pdf

Please have a look at the wiki before asking questions:
http://wiki.openvz.org/Main_Page

Report message to a moderator