connection between two VE's [message #36075] |
Tue, 19 May 2009 14:13 |
justasp
Messages: 7 Registered: May 2009
|
Junior Member |
|
|
Hello,
I have a strange problem - one VE can't reach other one. What I'm trying to do:
1) I ping FROM VE 107 to VE 106
2) On HN while tcpdumping veth107.0 I see arp-whohas ip-of-106 tell to ip-of-107 but no reply
Quote: | listening on veth107.0, link-type EN10MB (Ethernet), capture size 96 bytes
17:10:22.722419 arp who-has 213.197.185.1 tell 213.197.185.2
|
Quote: | on HN:
ovz-vps4:/etc/network# arp 213.197.185.1
Address HWtype HWaddress Flags Mask Iface
213.197.185.1 ether 00:18:51:09:E6:C3 C veth106.0
|
So HN have information about MAC of VE106.
Both VE 106 and VE 107 can reach internet without problems.
HN have two interfaces - eth1 is connected to private network, eth0 to public. We use source based routing to direct all traffic from VE106 & VE107 to eth0.
Network config on HN:
Quote: |
SERVER1_IP="213.197.164.179"
SERVER1_DEV="veth106.0"
ifconfig $SERVER1_DEV 0
echo 1 > /proc/sys/net/ipv4/conf/$SERVER1_DEV/forwarding
echo 1 > /proc/sys/net/ipv4/conf/$SERVER1_DEV/proxy_arp
ip route add $SERVER1_IP dev $SERVER1_DEV
iptables -A FORWARD -i $SERVER1_DEV -s $SERVER1_IP -d 0/0 -j GOOD;
iptables -A FORWARD -i eth0 -s 0/0 -d $SERVER1_IP -j GOOD;
ip route add 213.197.185.1 dev $SERVER1_DEV
iptables -A FORWARD -i $SERVER1_DEV -s 213.197.185.1 -d 0/0 -j GOOD;
iptables -A FORWARD -i eth0 -s 0/0 -d 213.197.185.1 -j GOOD;
ip route add 213.197.164.180 dev $SERVER1_DEV
iptables -A FORWARD -i $SERVER1_DEV -s 213.197.164.180 -d 0/0 -j GOOD;
iptables -A FORWARD -i eth0 -s 0/0 -d 213.197.164.180 -j GOOD;
############################################################ #######
NS2NEWSYSTEMS_IP="213.197.185.2"
NS2NEWSYSTEMS_DEV="veth107.0"
ifconfig $NS2NEWSYSTEMS_DEV 0
echo 1 > /proc/sys/net/ipv4/conf/$NS2NEWSYSTEMS_DEV/forwarding
echo 1 > /proc/sys/net/ipv4/conf/$NS2NEWSYSTEMS_DEV/proxy_arp
ip route add 213.197.185.2 dev veth107.0
iptables -A FORWARD -i $NS2NEWSYSTEMS_DEV -s $NS2NEWSYSTEMS_IP -d 0/0 -j GOOD;
iptables -A FORWARD -i eth0 -s 0/0 -d $NS2NEWSYSTEMS_IP -j GOOD;
iptables -A FORWARD -i veth106.0 -s 0/0 -d $NS2NEWSYSTEMS_IP -j GOOD;
############################################################ ######
ip route del dev eth0
ip rule add from 213.197.164.179 table 10
ip rule add from 213.197.164.180 table 10
ip rule add from 213.197.185.1 table 10
ip rule add from 213.197.185.2 table 10
ip route add default dev eth0 via 213.197.164.183 table 10
############################################################ #######
|
Any help would be highly appreciated!
J
|
|
|