OpenVZ Forum


Home » General » Support » SIOCADDRT: Network is unreachable
SIOCADDRT: Network is unreachable [message #35545] Thu, 02 April 2009 17:32 Go to next message
dburge is currently offline  dburge
Messages: 4
Registered: January 2009
Junior Member
Hello,

I've just installed OpenVZ on RedHat. I'm having a problem with not being able to ping outside the network from within a VE
I can ping the hardware node IP, but not any other ip or domain name.

When I restart the network on the hardware node I receive this:

**************************************
[root@207516-app1 ~]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down interface venet0: Shutting down interface venet0:
[ OK ]
Shutting down loopback interface: [ OK ]
Disabling IPv4 packet forwarding: net.ipv4.ip_forward = 0
[ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
Bringing up interface eth1: [ OK ]
Bringing up interface venet0: Bringing up interface venet0:
Configuring interface venet0:
net.ipv4.conf.venet0.send_redirects = 0
[ OK ]
SIOCADDRT: Network is unreachable
SIOCADDRT: Network is unreachable
[root@207516-app1 ~]#
**************************************


I've ensured that iptables are off on the hardware node.
I've ensured that SELINUX is disable, and all other lines in that file are commented out (per some other forum posts).

The VE has a valid IP address assigned with a hostname and nameservers.

Here's a copy of my sysctl.conf file per the manual:

********************************
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(Cool and
# sysctl.conf(5) for more details.

# Controls IP packet forwarding
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0

# Controls source route verification
net.ipv4.conf.all.rp_filter = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# we do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 1

# Controls whether core dumps will append the PID to the core filename
# Useful for debugging multi-threaded applications
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Controls the maximum size of a message, in bytes
kernel.msgmnb = 65536

# Controls the default maxmimum size of a mesage queue
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736

# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296
************************************

Any ideas on why it's not working?

Thanks,

Daniel

Report message to a moderator

Re: SIOCADDRT: Network is unreachable [message #35553 is a reply to message #35545] Fri, 03 April 2009 06:40 Go to previous messageGo to next message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
Hello,

have you tried using tcpdump?
Ping some host from inside the VE, at the same momemt run tcpdump utility on venet0 interface inside VE, on venet0 interface on the HN and on physical interface on the HN.

Please, show also
- ip a l - from HN and from inside the VE
- ip r l - from HN and from inside the VE
- arp -n - from HN
- make sure that iptables are off inside VE

Report message to a moderator

Re: SIOCADDRT: Network is unreachable [message #35641 is a reply to message #35545] Thu, 09 April 2009 20:44 Go to previous messageGo to next message
dburge is currently offline  dburge
Messages: 4
Registered: January 2009
Junior Member
Hi,

Ok, this has ended up being two seperate problems.

The following errors that I received when restarting the network were due to bad lines in the /etc/sysconfig/static-routes file which were created by my hosting company (Rackspace). They removed the bad lines and these errors no longer appear.

SIOCADDRT: Network is unreachable
SIOCADDRT: Network is unreachable


The problem with the lack of network connectivity outside the host from within a container seems to be because the hardware nodes were using IP's from a seperate subnet than the IP's from the containers. I had them consolidate everything to one subnet and everything started working fine. Anyone have any ideas about why it didn't work with IP's from different subnets? I couldn't really find any good description in the wiki or online.

Thanks,

Daniel

Report message to a moderator

Re: SIOCADDRT: Network is unreachable [message #35649 is a reply to message #35641] Fri, 10 April 2009 07:06 Go to previous message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
Hi,

Quote:


Anyone have any ideas about why it didn't work with IP's from different subnets? I couldn't really find any good description in the wiki or online.


I can only surmise,
The principles of venet interface are briefly described here
http://forum.openvz.org/index.php?t=msg&&th=7401& ;goto=35611#msg_35633

In case of different subnets vzctl might not put appropriate record into arp table.
To avoid this, please change NEIGHBOUR_DEVS variable in /etc/vz/vz.conf file to "all", for example, i.e
NEIGHBOUR_DEVS=all

Report message to a moderator

Previous Topic: Cant stop VPS from HyperVM
Next Topic: Debian — kernel error
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Sun Jul 14 23:36:16 GMT 2024

Total time taken to generate the page: 0.02296 seconds
Powered by FUDforum Powered by Virtuozzo Containers