local network and arp problems [message #35024] |
Fri, 20 February 2009 21:04 |
stefal
Messages: 2 Registered: February 2009
|
Junior Member |
|
|
(running a standard debian 5.0 2.6.26-1-openvz-686 installation)
I have problems with ARP not being responded to by the HN for the VE.
The network consist of two subnets (in the same switch). One public, and one private 192.168.1.0/24 network.
The HN is assigned a private address, and the VE a public address.
To make the VE reachable, I add a static ARP entry for the public gateway, add a static route for the gateway. Now I can reach outside hosts from the VE. However, other hosts in the same public network cannot be reached.
So I played a bit with adding routing for the local network to eth0, removing the default gateway, etc, but after tcpdumping the other machine I found the problem. There is no response to arp's for the VE IP. (which makes it a bit curious about how the router can send packets back to the VE. It's a cisco, perhaps they cache mac addresses and dont need the regular arp who-has communication).
I also tried enabling the proxy arp sysctl, but it did not work.
I've tried setting a public address on the hostnode interface eth0:1, but that did not improve the situation. That address is however fully reachable.
I guess the generalized problem is to reach VE hosts on the same subnet without going through a router. It should be possible?
In either case, the HN should answer arp replies for VE adresses?
Regards,
Stefan
|
|
|
Re: local network and arp problems [message #35025 is a reply to message #35024] |
Fri, 20 February 2009 21:22 |
stefal
Messages: 2 Registered: February 2009
|
Junior Member |
|
|
stefal wrote on Fri, 20 February 2009 16:04 |
I also tried enabling the proxy arp sysctl, but it did not work.
|
Ok - seems I was a bit too quick to come to conclusions. I enabled proxyarp for eth1, it should have been eth0, and then all was fine.
But then I have another question. Why is proxy arp deprecated in some places, but recommended in others? For example in the quick installation, http://wiki.openvz.org/Quick_installation , it says
> # packet forwarding enabled and proxy arp disable
> ...
> net.ipv4.conf.default.proxy_arp = 0
while other pages,
http://wiki.openvz.org/Talk:Installation_on_Debian
http://www.archivum.info/linux.debian.bugs.dist/2006-09/msg0 9176.html
claims that proxy arp needs to be enabled. I've searched for the problems with enabling proxy arp, but did not find any explanation.
Can someone elaborate or point to some description of why or why not it should be enabled?
Regards
|
|
|