| connection between two VE's [message #36075] |
Tue, 19 May 2009 14:13  |
justasp
Messages: 7
Registered: May 2009
|
Junior Member |
|
|
Hello,
I have a strange problem - one VE can't reach other one. What I'm trying to do:
1) I ping FROM VE 107 to VE 106
2) On HN while tcpdumping veth107.0 I see arp-whohas ip-of-106 tell to ip-of-107 but no reply
| Quote: |
listening on veth107.0, link-type EN10MB (Ethernet), capture size 96 bytes
17:10:22.722419 arp who-has 213.197.185.1 tell 213.197.185.2
|
| Quote: |
on HN:
ovz-vps4:/etc/network# arp 213.197.185.1
Address HWtype HWaddress Flags Mask Iface
213.197.185.1 ether 00:18:51:09:E6:C3 C veth106.0
|
So HN have information about MAC of VE106.
Both VE 106 and VE 107 can reach internet without problems.
HN have two interfaces - eth1 is connected to private network, eth0 to public. We use source based routing to direct all traffic from VE106 & VE107 to eth0.
Network config on HN:
| Quote: |
SERVER1_IP="213.197.164.179"
SERVER1_DEV="veth106.0"
ifconfig $SERVER1_DEV 0
echo 1 > /proc/sys/net/ipv4/conf/$SERVER1_DEV/forwarding
echo 1 > /proc/sys/net/ipv4/conf/$SERVER1_DEV/proxy_arp
ip route add $SERVER1_IP dev $SERVER1_DEV
iptables -A FORWARD -i $SERVER1_DEV -s $SERVER1_IP -d 0/0 -j GOOD;
iptables -A FORWARD -i eth0 -s 0/0 -d $SERVER1_IP -j GOOD;
ip route add 213.197.185.1 dev $SERVER1_DEV
iptables -A FORWARD -i $SERVER1_DEV -s 213.197.185.1 -d 0/0 -j GOOD;
iptables -A FORWARD -i eth0 -s 0/0 -d 213.197.185.1 -j GOOD;
ip route add 213.197.164.180 dev $SERVER1_DEV
iptables -A FORWARD -i $SERVER1_DEV -s 213.197.164.180 -d 0/0 -j GOOD;
iptables -A FORWARD -i eth0 -s 0/0 -d 213.197.164.180 -j GOOD;
############################################################ #######
NS2NEWSYSTEMS_IP="213.197.185.2"
NS2NEWSYSTEMS_DEV="veth107.0"
ifconfig $NS2NEWSYSTEMS_DEV 0
echo 1 > /proc/sys/net/ipv4/conf/$NS2NEWSYSTEMS_DEV/forwarding
echo 1 > /proc/sys/net/ipv4/conf/$NS2NEWSYSTEMS_DEV/proxy_arp
ip route add 213.197.185.2 dev veth107.0
iptables -A FORWARD -i $NS2NEWSYSTEMS_DEV -s $NS2NEWSYSTEMS_IP -d 0/0 -j GOOD;
iptables -A FORWARD -i eth0 -s 0/0 -d $NS2NEWSYSTEMS_IP -j GOOD;
iptables -A FORWARD -i veth106.0 -s 0/0 -d $NS2NEWSYSTEMS_IP -j GOOD;
############################################################ ######
ip route del dev eth0
ip rule add from 213.197.164.179 table 10
ip rule add from 213.197.164.180 table 10
ip rule add from 213.197.185.1 table 10
ip rule add from 213.197.185.2 table 10
ip route add default dev eth0 via 213.197.164.183 table 10
############################################################ #######
|
Any help would be highly appreciated!
J
|
|
|
|
| Re: connection between two VE's [message #36139 is a reply to message #36075] |
Sun, 24 May 2009 13:35  |
vijay_361
Messages: 7
Registered: May 2009
Location: india
|
Junior Member |
|
|
modify /etc/sysctl file
net.inet.ip.forwarding=1
and save it
And go to command line
type sysctl -p ( i think p or else see man for that option or use f)
now ping one ve from other
if still getting problem .............
stop iptables by service iptables off or else flush it off by iptables -F
I think u will get what u required..
vijayan
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
