Debian: no network after upgrade [message #29838] |
Fri, 25 April 2008 23:06 |
Nelly
Messages: 3 Registered: April 2008
|
Junior Member |
|
|
Hi all,
I vave a serious problem after I upgraded my Debian Etch Host to the actual ovz-kernel. All was working fine before I upgraded.
The problem is that I can ping the VE from the HE, but the VE is not reachable from the outside world and the VE can't reach any outside systems. The HE is reachable as usual.
I searched the forum, tested the new debian-add_ip.sh, controlled sysctl, but nothing worked.
I would be really happy if someone has an idea.
thalia is my HN, www is one of my VEs:
thalia:~# uname -r
2.6.18-ovz-028stab053.5
thalia:~# grep -vh '^#' /etc/sysctl.conf | grep -v '^$'
net.ipv4.conf.default.forwarding=1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.ip_forward = 1
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
thalia:~# iptables -t nat -L && iptables -t filter -L && iptables -t mangle -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
www:/# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
191.255.255.1 * 255.255.255.255 UH 0 0 0 venet0
default 191.255.255.1 0.0.0.0 UG 0 0 0 venet0
[Updated on: Sat, 26 April 2008 11:43] Report message to a moderator
|
|
|
Re: Debian: no network after upgrade [message #29840 is a reply to message #29838] |
Sat, 26 April 2008 04:59 |
Nelly
Messages: 3 Registered: April 2008
|
Junior Member |
|
|
some more info:
I also tried the kernel 2.6.18-fza-028stab053.5-686 with no success. Additional I've set up a new fresh VE, but it shows the same problem.
Next tests:
When I ping a VE IP from a different PC I see incoming arps with tcpdump on the HN. But these arps are not answered.
BUT:
When I ping a second PC from the VE, the ICMP reaches the second PC.
So it rely seems that it's all about the arps that are not answered. Why does my HN think that he is not responsible for the VE-IPs?
Next Edit:
ip neigh add proxy VE-IP dev eth0 on the HN makes it work again. But that can only be a workaround and not a solution,
[Updated on: Sat, 26 April 2008 11:44] Report message to a moderator
|
|
|
|