Home » General » Discussions » Networking with OpenVz on Debian (My CT do not have internet access)
| Re: Networking with OpenVz on Debian [message #36720 is a reply to message #36702] |
Mon, 13 July 2009 15:00   |
irontowngeek
Messages: 20
Registered: January 2009
|
Junior Member |
|
|
If you are networking a DEBIAN container,the network configuration file,differs from that of REDHAT.
Also,all VE container ID numbers,should start with 100,as 0-99 is reserved by OpenVZ.
Let's go back to square one.
If you are running a REDHAT distribution on the Node server,(i.e
Centos 5,as the default Node server OS),your VETH device configuration as an example,using a VE ID of 100.
The "/etc/sysconfig/network-scripts/ifcfg-veth100.0" file is;
DEVICE=veth100.0
TYPE=Ethernet
IPADDR=192.168.100.2
NETMASK=255.255.255.0
MTU=1500
ONBOOT=yes
I went ahead and used the standard "/24" prefix length,or "255.255.255.0".
Make sure,routing is proper on the Node,that you can reach the LAN gateway router.
If using Centos-5 on the Node,place this directive in;
/etc/sysconfig/network
GATEWAY=your_edge_router
GATEWAYDEV=your_source_route_interface
An example is;
GATEWAY=192.168.99.1
GATEWAYDEV=eth1
It is much simpler,than using "iproute2".
If you use a REDHAT based VE container,its network configuration is;
DEVICE=eth0
TYPE=Ethernet
IPADDR=192.168.100.1
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
MTU=1500
ONBOOT=yes
If you are using DEBIAN as the OpenVZ Node server's OS,this goes beyond the default supported OS,and the location and syntax of the configuration,differs from REDHAT.
Its located in;
/etc/network/interfaces
Nevertheless,the VETH interface configuration should be;
iface veth100.0 inet static
address 192.168.100.2
netmask 255.255.255.0
broadcast 192.168.100.255
Using a DEBIAN VE,your network configuration is;
iface eth0 inet static
address 192.168.100.1
netmask 255.255.255.0
broadcast 192.168.100.255
gateway 192.168.100.2
dns-mydomain
dns-nameservers 192.168.11.1
as a minimum.
Regardless of whether you use a REDHAT or DEBIAN based VE,you have to define a "gateway" route,that points to the VE container's VETH adapter interface,if you are not using bridged Ethernet.
As long as you can do a;
ip route list
and you see a line,that defines the VETH adapter's IP address,as
the default route for the VE,then you are good to go.
As I stated earlier,routing on a Node server is a moot issue,as it will always have its routing table updated,via any interface that is added.
Just make sure,the edge router,has the VE container's subnet,in its routing table. (this is the router that faces the Internet.
Generally,all you need is,if using a Class C subnet;
ip route add 192.0.0.0/16 via 192.168.99.1
(replace 192.168.99.1 with your LAN gateway IP)
As far as IPTABLES syntax,I use the SHOREWALL firewall program on my Node server,that eliminates knowing specific IPTABLES syntax.
Remember,you need to NAT the private IP address,you use for the VE container.(this of course,is self-explainatary)
Maybe,somebody that my be reading this thread,can fill in that blank for you,using IPTABLES manually.
Cheers and good luck.
|
|
|
|
Current Time: Sat Aug 16 11:24:41 GMT 2025
Total time taken to generate the page: 0.18723 seconds
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
