Home » General » Support » VLAN not working in VE? <SOLVED>
| VLAN not working in VE? <SOLVED> [message #33405] |
Mon, 13 October 2008 12:23  |
januszzz
Messages: 50
Registered: January 2007
Location: Opole, Poland
|
Member |
|
|
Hi,
I got 2 interfaces on HE and wanted one for management and the second for VE's (I need several VLANs there).
So I setup HE interfaces like this (fat trimmed)
eth0 Link encap:Ethernet HWaddr 00:21:5e:26:b3:cc
inet addr:126.66.64.151 Bcast:126.66.65.255 Mask:255.255.254.0
eth1 Link encap:Ethernet HWaddr 00:21:5e:26:b3:ce
inet6 addr: fe80::221:5eff:fe26:b3ce/64 Scope:Link
eth1.20 Link encap:Ethernet HWaddr 00:21:5e:26:b3:ce
inet6 addr: fe80::221:5eff:fe26:b3ce/64 Scope:Link
eth1.980 Link encap:Ethernet HWaddr 00:21:5e:26:b3:ce
inet6 addr: fe80::221:5eff:fe26:b3ce/64 Scope:Link
venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
(lo, sit0, other VLANs ommitted).
Then I added the vlan to VE like this:
vzctl set 110 --netif_add vlan980 --save
Then I setup the VE settings like this:
(snippet from 110.conf)
IP_ADDRESS="10.0.0.2"
NETIF=" ifname=vlan980,mac=00:18:51:F6:CD:87,host_ifname=veth110.980 ,host_mac=00:18:51:70:E9:7F "
And the problem is I still cannot access the other ip on the network (PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
From 10.0.0.2 icmp_seq=1 Destination Host Unreachable)! How to debug this??
BTW. when I assign an address from the VLAN to eth1.980 on HN it works, but VE - its not.
Thanks!
[Updated on: Sun, 26 October 2008 18:43] Report message to a moderator |
|
|
|
|
|
|
|
| Re: VLAN not working in VE? [message #33412 is a reply to message #33411] |
Mon, 13 October 2008 18:54  |
januszzz
Messages: 50
Registered: January 2007
Location: Opole, Poland
|
Member |
|
|
OK, I.m posting all relevant info:
2.6.18-028stab056
110.conf:
NETIF=" ifname=eth1,mac=00:18:51:44:65:A8,host_ifname=veth110.1,host _mac=00:18:51:42:20:9A "
Networking in HE:
eth0 Link encap:Ethernet HWaddr 00:21:5e:26:b3:cc
inet addr:126.66.64.151 Bcast:126.66.65.255 Mask:255.255.254.0
inet6 addr: fe80::221:5eff:fe26:b3cc/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3880 errors:0 dropped:0 overruns:0 frame:0
TX packets:1188 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:319773 (312.2 KiB) TX bytes:297744 (290.7 KiB)
Interrupt:90 Memory:ce000000-ce011100
eth1 Link encap:Ethernet HWaddr 00:21:5e:26:b3:ce
inet6 addr: fe80::221:5eff:fe26:b3ce/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2257 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:182530 (178.2 KiB) TX bytes:2040 (1.9 KiB)
Interrupt:169 Memory:ca000000-ca011100
eth1.20 Link encap:Ethernet HWaddr 00:21:5e:26:b3:ce
inet6 addr: fe80::221:5eff:fe26:b3ce/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2258 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:132922 (129.8 KiB) TX bytes:468 (468.0 B)
eth1.980 Link encap:Ethernet HWaddr 00:21:5e:26:b3:ce
inet6 addr: fe80::221:5eff:fe26:b3ce/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:46 (46.0 B) TX bytes:468 (468.0 B)
eth1.990 Link encap:Ethernet HWaddr 00:21:5e:26:b3:ce
inet6 addr: fe80::221:5eff:fe26:b3ce/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:46 (46.0 B) TX bytes:468 (468.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:52 errors:0 dropped:0 overruns:0 frame:0
TX packets:52 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3792 (3.7 KiB) TX bytes:3792 (3.7 KiB)
sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
veth110.1 Link encap:Ethernet HWaddr 00:18:51:42:20:9a
inet6 addr: fe80::218:51ff:fe42:209a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:792 (792.0 B) TX bytes:244 (244.0 B)
Networking in VE:
eth1 Link encap:Ethernet HWaddr 00:18:51:44:65:A8
inet6 addr: fe80::218:51ff:fe44:65a8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:244 (244.0 b) TX bytes:792 (792.0 b)
eth1.980 Link encap:Ethernet HWaddr 00:18:51:44:65:A8
inet addr:10.0.0.3 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::218:51ff:fe44:65a8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:492 (492.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Physical eth1 is connected to trunk port... and it works if I configure it in HE.
What else I can do?
[Updated on: Mon, 13 October 2008 18:56] Report message to a moderator |
|
|
|
|
|
| Re: VLAN not working in VE? [message #33417 is a reply to message #33416] |
Tue, 14 October 2008 07:02 |
januszzz
Messages: 50
Registered: January 2007
Location: Opole, Poland
|
Member |
|
|
- First of all, make sure that you've configured eth0 interface inside VE properly
Now its like in wiki, previously I've used vconfig to add vlan.
- Then check your routing records inside VE. (make sure that network packets don't leave your VE from venet0 interface.)
Its OK: ip r s
127.0.0.0/8 via 127.0.0.1 dev lo
default dev eth0 scope link
- Use tcpdump utility to find out:
* do the packets leave your VE propely
they leave VE,
* do they reach HN
they reach HE,
* do they leave HN
I don't know, as I don't have a second node and netadmin is on holiday 
http://wiki.openvz.org/VLAN
Excuse me, I try to stay positive, but there is no doc in here, those three lines simply doesn't work, either when I try to move venet interface or create new veth in VE. Maybe because I do have two physical interfaces?
Make sure that firewall in the HN/VE allow your VE to communicate with external nodes.
There is no netfilter setup.
I attach screenlog.
-
Attachment: screenlog.0
(Size: 8.42KB, Downloaded 284 times)
|
|
|
|
|
|
| Re: VLAN not working in VE? [message #33419 is a reply to message #33418] |
Tue, 14 October 2008 07:37 |
januszzz
Messages: 50
Registered: January 2007
Location: Opole, Poland
|
Member |
|
|
OK, lets try that:
Do I have to configure vlan on physical interface in HE? Do I have to add ip to that interface? I guess answer is yes and no?
So on HE I should have (Gentoo net config):
config_eth0=("126.66.64.151 netmask 255.255.254.0")
routes_eth0=("default via 126.66.65.249")
vlans_eth1="20 980 990"
config_eth1=( "null" )
vconfig_eth1=( "set_name_type DEV_PLUS_VID_NO_PAD" )
config_eth1_980=( "null" )
config_eth1_990=( "null" )
[Updated on: Tue, 14 October 2008 07:39] Report message to a moderator |
|
|
|
|
|
|
|
|
|
|
|
| Re: VLAN not working in VE? [message #33425 is a reply to message #33422] |
Tue, 14 October 2008 09:55 |
januszzz
Messages: 50
Registered: January 2007
Location: Opole, Poland
|
Member |
|
|
I'm posting tcpdump (its the same on HN as in VE):
11:35:59.979932 IP 10.0.0.3 > 10.0.0.1: ICMP echo request, id 23060, seq 179, length 64
11:36:00.979954 arp who-has 10.0.0.1 tell 10.0.0.3
11:36:00.979959 arp reply 10.0.0.1 is-at 00:18:51:3a:d4:5d
11:36:00.979984 IP 10.0.0.3 > 10.0.0.1: ICMP echo request, id 23060, seq 180, length 64
etc. There is no echo reply.
If I configure devices without vlan in VE I can ping HE and VE each other, I suspect that I could ping also remote interface, but there is no vlan so I cant. Its all about those vlans.
Maybe a step-by-step howto for one interface, multiple vlans?
|
|
|
|
| Re: VLAN not working in VE? [message #33428 is a reply to message #33420] |
Tue, 14 October 2008 13:03 |
januszzz
Messages: 50
Registered: January 2007
Location: Opole, Poland
|
Member |
|
|
- enable eth0 inside container
- create vlan interface inside container and issue some settings
well, I have setup eth0.980 5 minutes since installation of the kernel, but it doesn't work. Kernel IP routing table (HE):
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 veth110.0
126.66.64.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0.20
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 126.66.65.249 0.0.0.0 UG 0 0 0 eth0.20
I do all the stuff:
echo 1 > /proc/sys/net/ipv4/conf/veth110.0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/veth110.0/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
And I setup vlan the Gentoo way in VE (so its standard Linux way):
vlans_eth0="980"
config_eth0=( "null" )
vconfig_eth0=( "set_name_type DEV_PLUS_VID_NO_PAD" )
config_eth0_980=( "10.0.0.2 netmask 255.255.255.0" )
i get these routes:
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.980
127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo
this doesn't work, (Destination Host Unreachable) so packets do not reach HE.
If I do in VE:
ifconfig eth0 0
ip r a default dev eth0
it doesn't work either (sorry! this doesn't work, but ping goes to HE, I forgot to remove previous route!).
I do in VE:
cat /proc/net/vlan/config
VLAN Dev name | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
eth0.980 | 980 | eth0
I do in HE:
cat /proc/net/vlan/config
VLAN Dev name | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
eth0.20 | 20 | eth0
Its ok, because I'm using vlan 20 for accessing the HE.
I'm loosing the second day on this.... 
[Updated on: Tue, 14 October 2008 13:14] Report message to a moderator |
|
|
|
|
|
| Re: VLAN not working in VE? [message #33461 is a reply to message #33423] |
Wed, 15 October 2008 13:18 |
januszzz
Messages: 50
Registered: January 2007
Location: Opole, Poland
|
Member |
|
|
OK, partly works (first vlan i VE works ok).
Now I'm trying to add second VLAN to veth device and it goes ok, but packets are not going back to VE. Why?
In VE 130 I've got two vlans added:
eth0.20 Link encap:Ethernet HWaddr 00:18:51:DB:4E:F2
inet addr:126.66.64.158
eth1.980 Link encap:Ethernet HWaddr 00:18:51:05:AF:37
inet addr:10.0.0.5 Bcast:10.0.0.255 Mask:255.255.255.0
Routes are set OK iv VE:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
126.66.64.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0
127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo
And routes in HN aore set OK:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 veth130.0
126.66.64.158 0.0.0.0 255.255.255.255 UH 0 0 0 veth130.0
10.0.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 veth110.0
10.0.1.2 0.0.0.0 255.255.255.255 UH 0 0 0 veth130.0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.980
10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.990
126.66.64.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0.20
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 126.66.65.249 0.0.0.0 UG 0 0 0 eth0.20
Packets goes fine to HN, but not going back (tcpdump outpup from HN):
15:08:32.501126 IP 126.66.64.158 > 10.0.0.1: ICMP echo request, id 45655, seq 14, length 64
Any ideas how to define source ip on VE?
BTW: I can ping interface in vlan on HN (ping 10.0.0.254 issued in VE is ok, but to 10.0.0.1 - which is gateway - its not working). Ping to 10.0.0.1 from HN - it works.
[Updated on: Wed, 15 October 2008 14:08] Report message to a moderator |
|
|
|
|
|
|
|
|
|
|
|
| Re: VLAN not working in VE? [message #33482 is a reply to message #33481] |
Thu, 16 October 2008 09:05 |
januszzz
Messages: 50
Registered: January 2007
Location: Opole, Poland
|
Member |
|
|
well, I understand that, that is why I obssesically did set routes through vlan interfaces (and it didn't work).
If I set like you say now I got:
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1.980
126.66.64.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0.20
127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo
130 / # ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
From 10.0.0.5 icmp_seq=2 Destination Host Unreachable
From 10.0.0.5 icmp_seq=3 Destination Host Unreachable
From 10.0.0.5 icmp_seq=4 Destination Host Unreachable
--- 10.0.0.1 ping statistics ---
4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3005ms
, pipe 3
130 / # ping 126.66.64.1
PING 126.66.64.1 (126.66.64.1) 56(84) bytes of data.
From 126.66.64.158 icmp_seq=2 Destination Host Unreachable
From 126.66.64.158 icmp_seq=3 Destination Host Unreachable
From 126.66.64.158 icmp_seq=4 Destination Host Unreachable
--- 126.66.64.1 ping statistics ---
4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3009ms
, pipe 3
130 / #
|
|
|
|
| Re: VLAN not working in VE? [message #33491 is a reply to message #33482] |
Fri, 17 October 2008 06:44 |
januszzz
Messages: 50
Registered: January 2007
Location: Opole, Poland
|
Member |
|
|
Hey, I've just been too quick - adding vlans using standard way works, but not exactly:
PING 10.0.1.1 (10.0.1.1) 56(84) bytes of data.
64 bytes from 10.0.1.1: icmp_seq=5 ttl=254 time=0.471 ms
64 bytes from 10.0.1.1: icmp_seq=6 ttl=254 time=0.819 ms
64 bytes from 10.0.1.1: icmp_seq=7 ttl=254 time=0.470 ms
64 bytes from 10.0.1.1: icmp_seq=8 ttl=254 time=0.447 ms
64 bytes from 10.0.1.1: icmp_seq=9 ttl=254 time=0.452 ms
64 bytes from 10.0.1.1: icmp_seq=10 ttl=254 time=0.462 ms
64 bytes from 10.0.1.1: icmp_seq=11 ttl=254 time=0.442 ms
64 bytes from 10.0.1.1: icmp_seq=12 ttl=254 time=0.460 ms
64 bytes from 10.0.1.1: icmp_seq=13 ttl=254 time=0.453 ms
64 bytes from 10.0.1.1: icmp_seq=14 ttl=254 time=4.93 ms
64 bytes from 10.0.1.1: icmp_seq=39 ttl=254 time=0.455 ms
64 bytes from 10.0.1.1: icmp_seq=40 ttl=254 time=0.463 ms
64 bytes from 10.0.1.1: icmp_seq=41 ttl=254 time=0.473 ms
64 bytes from 10.0.1.1: icmp_seq=42 ttl=254 time=0.471 ms
64 bytes from 10.0.1.1: icmp_seq=43 ttl=254 time=2.93 ms
64 bytes from 10.0.1.1: icmp_seq=44 ttl=254 time=1.61 ms
64 bytes from 10.0.1.1: icmp_seq=45 ttl=254 time=0.464 ms
64 bytes from 10.0.1.1: icmp_seq=46 ttl=254 time=0.470 ms
64 bytes from 10.0.1.1: icmp_seq=71 ttl=254 time=3.94 ms
64 bytes from 10.0.1.1: icmp_seq=72 ttl=254 time=0.482 ms
On HN I see:
08:39:48.008360 IP 10.0.1.2 > 10.0.1.1: ICMP echo request, id 58639, seq 16, length 64
08:39:49.008382 IP 10.0.1.2 > 10.0.1.1: ICMP echo request, id 58639, seq 17, length 64
08:39:50.008406 IP 10.0.1.2 > 10.0.1.1: ICMP echo request, id 58639, seq 18, length 64
08:39:50.016660 IP 10.0.1.254 > 10.0.1.1: ICMP host 10.0.1.2 unreachable, length 92
08:39:50.016668 IP 10.0.1.254 > 10.0.1.1: ICMP host 10.0.1.2 unreachable, length 92
08:39:50.016670 IP 10.0.1.254 > 10.0.1.1: ICMP host 10.0.1.2 unreachable, length 92
08:39:51.008434 IP 10.0.1.2 > 10.0.1.1: ICMP echo request, id 58639, seq 19, length 64
08:39:52.008458 IP 10.0.1.2 > 10.0.1.1: ICMP echo request, id 58639, seq 20, length 64
08:39:53.008482 IP 10.0.1.2 > 10.0.1.1: ICMP echo request, id 58639, seq 21, length 64
08:39:54.008508 IP 10.0.1.2 > 10.0.1.1: ICMP echo request, id 58639, seq 22, length 64
08:39:54.026760 IP 10.0.1.254 > 10.0.1.1: ICMP host 10.0.1.2 unreachable, length 92
08:39:54.026771 IP 10.0.1.254 > 10.0.1.1: ICMP host 10.0.1.2 unreachable, length 92
08:39:54.026774 IP 10.0.1.254 > 10.0.1.1: ICMP host 10.0.1.2 unreachable, length 92
08:39:54.727549 IP 126.66.64.151 > 126.66.48.19: ICMP echo reply, id 12562, seq 0, length 55
08:39:54.758427 IP 126.66.64.151 > 126.66.48.19: ICMP echo reply, id 12562, seq 1, length 55
08:39:54.811496 IP 126.66.64.151 > 126.66.48.19: ICMP echo reply, id 12562, seq 2, length 55
08:39:55.008534 IP 10.0.1.2 > 10.0.1.1: ICMP echo request, id 58639, seq 23, length 64
08:39:56.008559 IP 10.0.1.2 > 10.0.1.1: ICMP echo request, id 58639, seq 24, length 64
08:39:57.008585 IP 10.0.1.2 > 10.0.1.1: ICMP echo request, id 58639, seq 25, length 64
08:39:58.008609 IP 10.0.1.2 > 10.0.1.1: ICMP echo request, id 58639, seq 26, length 64
The same goes for the second vlan. From HN pings goes ok, to both vlans.
Any ideas why?
[Updated on: Fri, 17 October 2008 06:58] Report message to a moderator |
|
|
|
|
|
Goto Forum:
Current Time: Mon Nov 18 17:54:17 GMT 2024
Total time taken to generate the page: 0.02916 seconds
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
