| no external network [message #31954] |
Tue, 15 July 2008 22:02  |
jckdnk111
Messages: 11
Registered: January 2008
|
Junior Member |
|
|
Hi,
I'm running Debian etch with 2.6.18-12-fza-686-bigmem kernel.
I have vzctl version 3.0.22-1dso1.
My VE's can resolve ip's from DNS, but cannot make connections to the outside world?
I fear it is the same issue as this: http://forum.openvz.org/index.php?t=threadt&frm_id=2
There never was a resolution as far as I could tell.
## XXX.XXX.XXX.163 ==> HN
## XXX.XXX.XXX.165 ==> VE
################# ssh from a VE #################
[root@myserver /]# ssh -v user@sshserver
OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sshserver [1.2.3.4] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2p1 Debian-7ubuntu3.3
debug1: match: OpenSSH_4.2p1 Debian-7ubuntu3.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.9p1
debug1: SSH2_MSG_KEXINIT sent
wget to google.com give the same result ... just hangs.
################# an "ip a l" gives #################
2: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 576 qdisc pfifo_fast qlen 1000
link/ether 00:1f:29:13:61:20 brd ff:ff:ff:ff:ff:ff
inet XXX.XXX.XXX.162/27 brd 43.160.0.191 scope global eth0
6: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether 00:1f:29:13:61:21 brd ff:ff:ff:ff:ff:ff
8: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
1: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,10000> mtu 1500 qdisc noqueue
link/void
################# an "ip r l" gives #################
XXX.XXX.XXX.176 dev venet0 scope link
XXX.XXX.XXX.165 dev venet0 scope link
XXX.XXX.XXX.160/27 dev eth0 proto kernel scope link src XXX.XXX.XXX.162
default via XXX.XXX.XXX.161 dev eth0
################# an "ip r l" gives #################
Address HWtype HWaddress Flags Mask Iface
XXX.XXX.XXX.163 ether 00:13:A9:6F:29:57 C eth0
XXX.XXX.XXX.176 * <from_interface> MP eth0
XXX.XXX.XXX.165 * <from_interface> MP eth0
#####################################################
I started logging inbound ssh traffic on the hardware node and I can see that an ssh attempt to one of my VE's is being routed properly:
Jul 15 14:50:05: ACCEPT ssh XXX.XXX.XXX.163 -> firewall(my_ve) (in: eth0 out: venet0 XXX.XXX.XXX.163:45880 -> XXX.XXX.XXX.165:22 TCP flags: ****S* len:60 ttl:63)
Here is the outbound ssh attempt:
Jul 15 14:53:51: ACCEPT ssh firewall(my_ve) -> 1.2.3.4 (in: venet0 out: eth0 XXX.XXX.XXX.165:54971 -> 1.2.3.4:22 TCP flags: ****S* len:60 ttl:64)
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
