OpenVZ Forum


Home » General » Support » network issues
network issues [message #3372] Wed, 24 May 2006 21:31 Go to next message
dbeery is currently offline  dbeery
Messages: 34
Registered: April 2006
Location: Des Moines, IA
Member
Hello,

First off, I'd like to say that we are impressed by OpenVZ. We've tried other server virtualization software but we like VZ the best. We are having issues with network, however. Any suggestions you can provide would be greatly appreciated.

Our problem is that we will want to have many partitions that attach to several different VLANS.

For example,

a bridge called br0, that bridges a VLAN interface and a tap device or dummy device.

We have found that exporting tap devices to the VPS fails and that exporting dummy devices is usesless because either a) the bridge communication is lost and/or b) there is no arp.

What is the recommended method of configuring OpenVZ to use bridged interfaces?

Derrick

Report message to a moderator

Re: network issues [message #3383 is a reply to message #3372] Thu, 25 May 2006 15:11 Go to previous messageGo to next message
dbeery is currently offline  dbeery
Messages: 34
Registered: April 2006
Location: Des Moines, IA
Member
Essentially, we would like to bridge between the hardware node and the VPS.

It seems, however, that when a device is exported via netdev_add it is lost to the bridge.

Tunneling as documented in the howto for giving a VPS a unique mac is not what we want to do for obvious performance reasons.

Ideally, we want to be able to export a tap device that is bridged to a vlan, maintain that bridge and be able to do arp in the VPS.

Can this be done without recoding the application?

Derrick

Report message to a moderator

Re: network issues [message #3384 is a reply to message #3372] Thu, 25 May 2006 15:14 Go to previous messageGo to next message
Vasily Tarasov is currently offline  Vasily Tarasov
Messages: 1345
Registered: January 2006
Senior Member
Look at http://kb.swsoft.com/article_130_696_en.html.

It must help Smile

Report message to a moderator

Re: network issues [message #3385 is a reply to message #3384] Thu, 25 May 2006 15:25 Go to previous messageGo to next message
dbeery is currently offline  dbeery
Messages: 34
Registered: April 2006
Location: Des Moines, IA
Member
Thank you for the reply. I've performed these steps but do not see how this tun device that has been created in the VPS can be added to the bridge on the hardware node or host os. Any information on that which does not include tunneling would be greatly appreciated.

Thanks,
Derrick

Report message to a moderator

Re: network issues [message #3395 is a reply to message #3372] Fri, 26 May 2006 06:25 Go to previous messageGo to next message
dev is currently offline  dev
Messages: 1693
Registered: September 2005
Location: Moscow
Senior Member
I'm quite unsure what is your goal with VLAN and bridging, can you describe your configuarion a bit please?
And which kernel do you use?

http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

Re: network issues [message #3417 is a reply to message #3395] Fri, 26 May 2006 14:58 Go to previous messageGo to next message
dbeery is currently offline  dbeery
Messages: 34
Registered: April 2006
Location: Des Moines, IA
Member
Kernel was compiled with 8021d bridge support from ovzkernel-2.6.8-022stab077.1.src.rpm.


Certain VPS need to be on certain networks.

We can configure VLANs for each network. Through bridging, we can add a single VLAN to a single bridge and add many tap devices, one for each VPS, to the bridge.

OpenVZ presents us with the following challenges:

1)We cannot add the tap devices to the VPS using netdev_add
2)Regardless of method to add tap devices to VPS, there seems to be no way to add or keep network device to bridge within VPS.
3)Arp is disabled in VPS

Your assistance with overcoming these challenges or suggestions for how to use options available in OpenVZ to accomplish the same thing would be greatly appreciated. Please keep in mind we do not wish to use tunneling for performance reasons.

Thanks,
Derrick

Report message to a moderator

Re: network issues [message #3419 is a reply to message #3417] Fri, 26 May 2006 15:10 Go to previous messageGo to next message
dev is currently offline  dev
Messages: 1693
Registered: September 2005
Location: Moscow
Senior Member
Usually this is done via routing:
- VPSs belonging to 2 subnetworks are given appropriate IPs, e.g. 192.x.y.z and 10.x.y.z
- in host you can setup SRC based routing, so that packets coming from 192.x.y.z will go to one GW1 and 10.x.y.z to another GW2.
Usually that's all. You can search through forums on how to setup it, e.g.
http://forum.openvz.org/index.php?t=tree&goto=1631&& amp;srch=SRC+routing#msg_1631

Also, FYI we will release MAC capable net device veth soon, which is possible to use in bridges etc. But it is still undesirable configuration for such scenario, as venet and SRC based routing are much more efficient.

http://static.openvz.org/userbars/openvz-developer.png

[Updated on: Fri, 26 May 2006 15:11]

Report message to a moderator

Re: network issues [message #3424 is a reply to message #3419] Fri, 26 May 2006 16:10 Go to previous message
dbeery is currently offline  dbeery
Messages: 34
Registered: April 2006
Location: Des Moines, IA
Member
Thank you for the reply.

I don't think layer 3 will help here. We need to get the device that has link to the network configured before routing will do any good.


Remember, we do not want to use eth0 as venet does. We have VLAN "devices", not just eth0 or eth1.

Maybe I am missing something...

Report message to a moderator

Previous Topic: Enough Resources?
Next Topic: *SOLVED* Unable to access VPS from network or network from VPS
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Sat Jul 13 07:48:00 GMT 2024

Total time taken to generate the page: 0.02297 seconds
Powered by FUDforum Powered by Virtuozzo Containers