OpenVZ Forum


Home » General » Support » VE "route" command shows 191.255.255.1
VE "route" command shows 191.255.255.1 [message #4897] Tue, 01 August 2006 21:39 Go to next message
John Kelly is currently offline  John Kelly
Messages: 97
Registered: May 2006
Location: Palmetto State
Member
Why?

daves:~ # route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
191.255.255.0   *               255.255.255.0   U     0      0        0 venet0
loopback        *               255.0.0.0       U     0      0        0 lo
default         191.255.255.1   0.0.0.0         UG    0      0        0 venet0

rfc3330 says:

191.255.0.0/16 - This block, corresponding to the numerically highest to the former Class B addresses, was initially and is still reserved by the IANA. Given the present classless nature of the IP address space, the basis for the reservation no longer applies and addresses in this block are subject to future allocation to a Regional Internet Registry for assignment in the normal manner.

Re: VE "route" command shows 191.255.255.1 [message #4911 is a reply to message #4897] Wed, 02 August 2006 07:46 Go to previous messageGo to next message
Vasily Tarasov is currently offline  Vasily Tarasov
Messages: 1345
Registered: January 2006
Senior Member
HOST node is a gateway for VE.
VE is connected to HOST usign venet interface.
So in routing table of VE appropriate gateway must be set.
Why IP address 191.255.255.1 is used? You've already answered on
it:
Quote:

rfc3330 says:...
Re: VE "route" command shows 191.255.255.1 [message #4912 is a reply to message #4897] Wed, 02 August 2006 07:47 Go to previous messageGo to next message
hvdkamer is currently offline  hvdkamer
Messages: 40
Registered: July 2006
Member
For the same reason I changed the debian-add_ip.sh script to something more meaningful for my VEx's. In the distro-add_ip.sh script you see:

FAKEGATEWAY=192.168.13.1
FAKEGATEWAYNET=192.168.13.0

I've no idea why OpenVZ chooses the one it is now using. May be it has to change to something less harmful?


Henk van de Kamer
auteur Het Lab
http://www.hetlab.tk/
Re: VE "route" command shows 191.255.255.1 [message #4920 is a reply to message #4897] Wed, 02 August 2006 10:15 Go to previous messageGo to next message
aistis is currently offline  aistis
Messages: 77
Registered: September 2005
Location: Kaunas, Lithuania
Member

I'm sorry, less harmful than what? Surprised While IANA decides on future fate of those subnets, they are perfectly fit for such stuff.


Aistis Zenkevicius
http://static.openvz.org/userbars/openvz-user.png
Re: VE "route" command shows 191.255.255.1 [message #4922 is a reply to message #4897] Wed, 02 August 2006 10:29 Go to previous messageGo to next message
hvdkamer is currently offline  hvdkamer
Messages: 40
Registered: July 2006
Member
I disagree. If IANA says it is going to reassign those IP-addresses, it is better to not use them anymore. For now the old situation is not a problem, but it will become one!

I recall a session with a computer user group. One visitor had problems to connect to its home computer. So we decided to tackle the problem. After a lot of investigation we discoverd that the helpdesk of his router had said that the IP-adresses 192.168.x.y where way to common and you shouldn't use them. Therfore he had picked one at random. So on this meeting we were actively hacking a computer which was own by a Swiss bank. Luckiley we weren't arrested Smile

The moral of this story? Don't use IP-adresses which don't belong to you. Even if it is at this moment not used. It can change and funny problems can occur. So why risk that?


Henk van de Kamer
auteur Het Lab
http://www.hetlab.tk/

[Updated on: Wed, 02 August 2006 11:13]

Report message to a moderator

icon5.gif  Re: VE "route" command shows 191.255.255.1 [message #4924 is a reply to message #4897] Wed, 02 August 2006 10:48 Go to previous messageGo to next message
aistis is currently offline  aistis
Messages: 77
Registered: September 2005
Location: Kaunas, Lithuania
Member

alright, so your proposal is to use one of the following:

172.16.0.0/12
192.168.0.0/16

?


Aistis Zenkevicius
http://static.openvz.org/userbars/openvz-user.png
Re: VE "route" command shows 191.255.255.1 [message #4925 is a reply to message #4897] Wed, 02 August 2006 11:11 Go to previous messageGo to next message
hvdkamer is currently offline  hvdkamer
Messages: 40
Registered: July 2006
Member
Yep. Or the 10.0.0.0/8 series? Those three ar private and I think perfect for this kind of things. Or are there other reasons why the current one was choosen? On my box the 192.168.13.x series work...

Henk van de Kamer
auteur Het Lab
http://www.hetlab.tk/
Re: VE "route" command shows 191.255.255.1 [message #4927 is a reply to message #4897] Wed, 02 August 2006 11:43 Go to previous messageGo to next message
aistis is currently offline  aistis
Messages: 77
Registered: September 2005
Location: Kaunas, Lithuania
Member

my bet - because such subnets never appear on internal networks, while 192.168.0.0/16 / 172.16.0.0/12 / 10.0.0.0/8 are fairly common.



Aistis Zenkevicius
http://static.openvz.org/userbars/openvz-user.png
Re: VE "route" command shows 191.255.255.1 [message #4928 is a reply to message #4897] Wed, 02 August 2006 12:07 Go to previous messageGo to next message
John Kelly is currently offline  John Kelly
Messages: 97
Registered: May 2006
Location: Palmetto State
Member
At http://www.iana.org/faqs/abuse-faq.htm

IANA says about "Unallocated" IP addresses:

Quote:

The IPv4 Address Registry and the Whois use the word unallocated (sometimes "reserved") to mean that the addresses are reserved for future allocation. No one should be using these addresses now. These addresses will be assigned for use in the public Internet in the future. If addresses are needed for private networks then the private-use addresses mentioned [in rfc1918] should be used.



Of the rfc1918 private addresses, I might chose something like 10.254.254.0/24. Problem is, no matter what rfc1918 block is chosen for the script default, it may collide with some user's private allocations.

According to rfc3330, a better choice may be:

192.0.2.0/24 - This block is assigned as "TEST-NET" for use in documentation and example code. It is often used in conjunction with domain names example.com or example.net in vendor and protocol documentation. Addresses within this block should not appear on the public Internet.

If that disturbs an end user, they can modify the scripts to an rfc1918 value which does not collide with their own private allocations.

Smile
Re: VE "route" command shows 191.255.255.1 [message #4929 is a reply to message #4928] Wed, 02 August 2006 18:00 Go to previous message
Valmont is currently offline  Valmont
Messages: 225
Registered: September 2005
Senior Member
I agree with it. 192.0.2.0/24 looks more preferable, rather than use local subnet's (192.168.0.0/16 / 172.16.0.0/12 / 10.0.0.0/8 ). To avoid of possible conflicts with already existing local subnet's.
Previous Topic: Dual veth interfaces
Next Topic: gfs does not compile with openvz kernel
Goto Forum:
  


Current Time: Wed Nov 06 08:52:59 GMT 2024

Total time taken to generate the page: 0.03388 seconds