| openvz vrrp (and ucarp) [message #43340] |
Fri, 26 August 2011 14:01  |
Meikes
Messages: 2
Registered: August 2011
Location: Germany
|
Junior Member |
|
|
Hello,
I have running two VE, connected to the same bridge on the host.
Network communication is running well.
The problem occurs with program ucarp, version 1.5.1 under Debian 6. The IP protocol VRRP (0x70) does not work between VEs or VE and Host. If I sniff (tcpdump) inside the VE, I see the packages, but not on the host or the other VE.
If I change the IP protocol back to TCP (6) or UDP (0x11), the packages are seen on the host and also the other vz.
I used packETH as packet generator. Because I can reproduce the problem with the packet generator, it seems, it is not a problem from ucarp.
A "few" time ago, the same problem was reported but no one did answer.
forum.openvz.org/index.php?t=msg&goto=37736&&src h=vrrp#msg_37736
Please help!
Kindly regards Meike!
|
|
|
|
|
|
|
|
|
|
| Re: openvz vrrp (and ucarp) [message #45386 is a reply to message #43340] |
Wed, 29 February 2012 22:11  |
mose
Messages: 6
Registered: February 2012
Location: Nebraska
|
Junior Member |
|
|
That was very helpful. Setting mac_filter to off fixed the problem.
The documentation is now more clear. When mac_filter is turned on (the default), the container can only send packets with the MAC address that is assigned to the container. The container is not allowed to send packets with any other MAC address.
uCarp sends packets from a multicast MAC address by default, but those packets are not accepted by veth. You can have uCarp send from a broadcast MAC address, as well, but those packets are not accepted for the same reason. Setting mac_filter off allows the container to use whatever MAC address it wants.
Since this is a moderated forum, requiring 10 posts before allowing links seems more punitive than useful.
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
