OpenVZ Forum


Home » General » Support » routing tables with openvz container
routing tables with openvz container [message #37656] Tue, 06 October 2009 21:46 Go to next message
Wittiko is currently offline  Wittiko
Messages: 2
Registered: October 2009
Location: Wien
Junior Member
i have two interfaces for some containers one for internal network and one for external network

my problem is that the extern interface gateway is the modem of my isp and the internal is my firewall/routing server

so i need two routing tables

i tried this with two routing tables

the problem was that every change in a container was applied to all containers

for example:

i did is this way:

echo "1 wan" >> /etc/iproute2/rt_tables
ip route add [WAN-NETWORK] dev eth0 src [WAN-IP] table wan
ip route add default via [WAN-GW] dev eth0 table wan
ip rule add from [WAN-IP]/32 table wan
ip rule add to [WAN-IP]/32 table wan

any solutions for this problem?

Report message to a moderator

Re: routing tables with openvz container [message #37686 is a reply to message #37656] Fri, 09 October 2009 16:11 Go to previous messageGo to next message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
Hello,

Quote:

the problem was that every change in a container was applied to all containers


but that is normal. If anything is done on the HN it might affect other containers.

I'm afraid I don't understand the problem completely. Could you please elaborate on it a little bit?

Report message to a moderator

Re: routing tables with openvz container [message #37696 is a reply to message #37686] Sun, 11 October 2009 12:33 Go to previous messageGo to next message
Wittiko is currently offline  Wittiko
Messages: 2
Registered: October 2009
Location: Wien
Junior Member
maratrus wrote on Fri, 09 October 2009 18:11
Hello,
but that is normal. If anything is done on the HN it might affect other containers.



i do the changes inside a container not on the hardware node

here is the situation:

---------------
|MODEM WAN ISP|
---------------
|
|
---------------- --------------------
| SWITCH |--------| FW-ROUTING SERVER|
---------------- --------------------
| |
|WAN |INTERNAL
| |
----------------
| HW Nodes |
----------------

the wan subnets go over the switch direct to the modem but for the internal networks the traffic had to go over the fw

so i need two interfaces with two default gw
i think the only way to do this is with 2 routing tables
with the containers with only one interface (only with internal address) there are no problems but with containers with 2 interfaces there are problems with the internal networks or the server is not reachable from extern

i need a solution that the traffic which come from eth0 go out over eth0 and the traffic which come from eth1 go out over eth1

eth0 and eth1 are the interfaces inside of the container

i hope you can understand the situation now

Report message to a moderator

Re: routing tables with openvz container [message #37810 is a reply to message #37696] Sat, 24 October 2009 10:28 Go to previous message
maratrus is currently offline  maratrus
Messages: 1495
Registered: August 2007
Location: Moscow
Senior Member
Hello Wittiko,

I'm terribly sorry for that big delay.
I do really hope the problem to be solved but if not
just let me share my thoughts:
- It seems that I understand what you want to achieve
-
Quote:

echo "1 wan" >> /etc/iproute2/rt_tables
ip route add [WAN-NETWORK] dev eth0 src [WAN-IP] table wan
ip route add default via [WAN-GW] dev eth0 table wan
ip rule add from [WAN-IP]/32 table wan
ip rule add to [WAN-IP]/32 table wan


Why do you need a default gateway record in wan table? The only case when a wan table is examined according to provided rules is when a network packet is addressed to WAN-IP/32 (a single ip address). So, because WAN-IP/32 is within WAN-NETWORK range, the packet will pass through eth0.

Report message to a moderator

Previous Topic: Why umount script runs on VE start?
Next Topic: change memory ram for VE
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Tue Aug 05 02:30:23 GMT 2025

Total time taken to generate the page: 2.62658 seconds
Powered by FUDforum Powered by Virtuozzo Containers