OpenVZ Forum


dual NIC [message #38891] Mon, 15 February 2010 20:58
foxb
Hi,

I have the following config:

internet
|
router
| Public subnet
fw - dmz
|
LAN

I have a server with OpenVZ that has to host containers with IPs from both the public and DMZ subnets.

I tried to set IPs on 2 NICs each connected in pub and dmz respectively, but I cannot ping from pub to dmz.

Default route is public

Am I missing something?

If more information is needed I'll provide it.
Re: dual NIC [message #38973 is a reply to message #38891] Thu, 25 February 2010 16:06
seanfulton
No other responses so I will try to jump in. We have a couple of hundred VEs on machines connected to two distinct networks so here is what I know. Maybe it will help:

We have two separate LANs and the VEs all are on a separate (third) subnet. We set up quagga/rip to announce the routes and we use rip configuration rules to weight one network over the other.

When the VEs are on the same network as one of the NICs, I believe OpenVZ uses arp to announce them. In a case like ours with separate networks, we treat the HN like a router. It is set to announce kernel routes from venet0, and only accept a default route from the network. This allows the HN to control what it announces.

On the other host nodes, we tell them to prefer routes to the VEs over the front-side connection using rip metrics.

So when a VE comes up, the HN will announce a route to it over both networks. Each other host on the network gives the VE IP space a lower metric over the primary LAN than over the secondary. If the primary becomes unavailable, traffic will traverse the backup.

It's a bit of a simplified explanation, but I hope it helps.

In your case, you may need routing+NAT, I am not sure.

sean
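
A sketch of the Quagga ripd setup described in the post above, added here as an example; it is not the poster's configuration. The interface names (eth0 primary, eth1 secondary), the VE address range 192.0.2.0/24 and the metric offset of 3 are assumptions.

```conf
! ---- ripd.conf on the OpenVZ hardware node (HN) ----
! Assumed: eth0 = primary LAN, eth1 = secondary LAN,
!          VEs numbered from 192.0.2.0/24 (constructed range)
!
! "redistribute kernel" announces the per-VE host routes that point
! at venet0; the route-map keeps any other kernel route from leaking.
! The inbound distribute-lists accept nothing but a default route.
router rip
 version 2
 network eth0
 network eth1
 redistribute kernel route-map VE-ROUTES
 distribute-list prefix DEFAULT-ONLY in eth0
 distribute-list prefix DEFAULT-ONLY in eth1
!
ip prefix-list DEFAULT-ONLY seq 5 permit 0.0.0.0/0
ip prefix-list VE-SPACE seq 5 permit 192.0.2.0/24 le 32
!
route-map VE-ROUTES permit 10
 match ip address prefix-list VE-SPACE
!
! ---- ripd.conf on the other hosts ----
! VE routes heard on the secondary LAN get 3 added to their metric,
! so the primary LAN wins while it is up and the secondary takes
! over when the primary route times out.
router rip
 version 2
 network eth0
 network eth1
 offset-list VE-SPACE-ACL in 3 eth1
!
access-list VE-SPACE-ACL permit 192.0.2.0/24
```

Restricting what the HN announces and accepts also limits the damage a misconfigured or hostile RIP speaker on either LAN can do to its routing table.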
Re: dual NIC [message #38979 is a reply to message #38973] Thu, 25 February 2010 23:23
foxb
It is a good setup...

Yes, I imagine that this includes some iptables, but I solved the problem the old-fashioned way.

Just migrated the CTs to 2 machines each with only one subnet.