OpenVZ Forum: Support » HN and VPS with differen /24 are not working

Home » General » Support » HN and VPS with differen /24 are not working - is this not possible?

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

HN and VPS with differen /24 are not working - is this not possible? [message #30753]

Fri, 06 June 2008 08:29

disaster
Messages: 158
Registered: February 2006

Senior Member

Hello!

HN: IP XX.158.176.27
VPS: IP XX.158.183.99

But VPS cannot reach the internet. When i switch the IP on the VPS to XX.158.176.28 it will work.

Any ideas?

Stefan

[Updated on: Fri, 06 June 2008 10:36]

Report message to a moderator

Re: HN and VPS with differen /24 are not working - is this not possible? [message #30756 is a reply to message #30753]

Fri, 06 June 2008 09:01

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

Quote:

HN: IP XX.185.176.27
...
i switch the IP on the VPS to XX.185.176.27

Do HN and VPS have the same IP address?

//----------//-------------//----------//------------
It could be many reasons:

- firewall on the HN rejects traffic
- your network configuration doesn't allow to set random IP (your router can reject such kind of traffic)

Without additional details it's very difficult to find out the reason.
Please look at this page
http://forum.openvz.org/index.php?t=tree&goto=27545& #msg_27545
May be additional information can help us. Thank You.

Report message to a moderator

Re: HN and VPS with differen /24 are not working - is this not possible? [message #30758 is a reply to message #30753]

Fri, 06 June 2008 09:22

disaster
Messages: 158
Registered: February 2006

Senior Member

Sorry i meant XX.185.176.28. So it is on the same /24.

- firewall on the HN rejects traffic
No:

# iptables -t nat -L && iptables -t filter -L && iptables -t mangle -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     0    --  VPSIP  anywhere            
ACCEPT     0    --  anywhere             VPSIP

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

- your network configuration doesn't allow to set random IP (your router can reject such kind of traffic)

Mhm what do you mean with random IP? Also other Servers on the same Switch uses XX.185.183.XX IPs without problems.

OK here are more informations:
HN:

ip route list
XX.158.176.0/24 dev eth0  proto kernel  scope link  src XX.158.176.27 
default via XX.158.176.1 dev eth0

VPS:

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.0.2.1       0.0.0.0         255.255.255.255 UH    0      0        0 venet0
0.0.0.0         192.0.2.1       0.0.0.0         UG    0      0        0 venet0

I've checked with tcpdump, that traffic goes OUT but not in and this is an ARP problem. If i ping the IP of the VPS from another server in the same network than the HN does not respond.

arp -v  
Address                  HWtype  HWaddress           Flags Mask            Iface
VPSIP          (incomplete)                              eth0

Report message to a moderator

Re: HN and VPS with differen /24 are not working - is this not possible? [message #30760 is a reply to message #30753]

Fri, 06 June 2008 09:30

disaster
Messages: 158
Registered: February 2006

Senior Member

Some more informations:
HN:

# cat /etc/network/options 
ip_forward=yes
spoofprotect=no
syncookies=no

sysctl:

# sysctl -p
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.tcp_max_orphans = 131072
net.ipv4.tcp_mem = 720896 865075 1038090
net.ipv4.ip_forward = 1

Report message to a moderator

Re: HN and VPS with differen /24 are not working - is this not possible? [message #30761 is a reply to message #30760]

Fri, 06 June 2008 09:35

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

one more question before I start thinking Smile

you said that your HN has

Quote:

HN: IP XX.185.176.27

but in the next message

Quote:

XX.158.176.0/24 dev eth0  proto kernel  scope link  src XX.158.176.27

Report message to a moderator

Re: HN and VPS with differen /24 are not working - is this not possible? [message #30762 is a reply to message #30761]

Fri, 06 June 2008 09:44

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

how do you set IP address to your VE?
If through vzctl, please show the output:

vzctl set VE_ID --ipadd x.x.x.x

then please show the output (from HN)

arp -n

Report message to a moderator

Re: HN and VPS with differen /24 are not working - is this not possible? [message #30763 is a reply to message #30753]

Fri, 06 June 2008 09:52

disaster
Messages: 158
Registered: February 2006

Senior Member

.158. is correct - sorry

oh sorry i missed to copy one line on the ip route command
HN:

# ip route list
XX.158.183.99 dev venet0  scope link 
XX.158.176.0/24 dev eth0  proto kernel  scope link  src XX.158.176.27 
default via XX.158.176.1 dev eth0

#vzctl set 103 --ipadd XX.158.183.99
Adding IP address(es): XX.158.183.99
WARNING: Settings were not saved and will be resetted to original values on next start (use --save flag)

arp -n
Address                  HWtype  HWaddress           Flags Mask            Iface
XX.158.176.1             ether   00:14:22:15:DB:0D   C                     eth0

I can ping the VPS IP from the HN without any problems:

ping XX.158.183.99
PING XX.158.183.99 (XX.158.183.99) 56(84) bytes of data.
64 bytes from XX.158.183.99: icmp_seq=1 ttl=64 time=0.046 ms
64 bytes from XX.158.183.99: icmp_seq=2 ttl=64 time=0.012 ms

[Updated on: Fri, 06 June 2008 10:37]

Report message to a moderator

Re: HN and VPS with differen /24 are not working - is this not possible? [message #30767 is a reply to message #30763]

Fri, 06 June 2008 11:19

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

sorry for the little delay

please try the following (on the HN):

ip neigh add proxy XX.158.183.99 dev eth0

does it help?

Report message to a moderator

Re: HN and VPS with differen /24 are not working - is this not possible? [message #30770 is a reply to message #30753]

Fri, 06 June 2008 12:25

disaster
Messages: 158
Registered: February 2006

Senior Member

Yeah this helps. Is this a bug in OpenVZ? Or is it a problem by me?

Report message to a moderator

Re: HN and VPS with differen /24 are not working - is this not possible? [message #30778 is a reply to message #30753]

Fri, 06 June 2008 14:22

disaster
Messages: 158
Registered: February 2006

Senior Member

it seems to be a feature Sad

http://bugzilla.openvz.org/show_bug.cgi?id=771

Report message to a moderator

Previous Topic:	Is it possible to share non-private areas when you are not migrating from virtuozzo?
Next Topic:	/proc/user_beancounters not reset after VE restart.

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Sat Nov 16 02:23:41 GMT 2024

Total time taken to generate the page: 0.03293 seconds