| Описание capability option [message #5356] |
Fri, 18 August 2006 08:06  |
|
|
Здравствуйте.
Как бы узнать описание всех этих возможностей? (man vzctl читал)
В частностиинтересует что такое net_broadcast? Необходимо ли эту возможность включать, чтобы DHCPD работал в VE?
(VE настроен с veth, сеть работает, а broadcast не доходит до VE  )
|
|
|
|
|
|
|
|
|
|
| Re: Описание capability option [message #5373 is a reply to message #5363] |
Fri, 18 August 2006 09:31  |
|
|
Может я что-то не так настроил? Гляньте пожалуйста.
Вот настройки VE0:
# brctl show
bridge name bridge id STP enabled interfaces
bridge 8000.00123456789b yes veth106.0
veth102.0
eth0
# ip a
2: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:e0:81:5a:64:84 brd ff:ff:ff:ff:ff:ff
inet6 fe80::2e0:81ff:fe5a:6484/64 scope link
valid_lft forever preferred_lft forever
6: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:e0:81:5a:64:85 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.1/24 scope global eth1
10: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
8: eth2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:30:4f:2b:4f:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.11.2/24 scope global eth2
12: bridge: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 00:12:34:56:78:9b brd ff:ff:ff:ff:ff:ff
inet 10.10.106.1/24 scope global bridge
inet6 fe80::200:ff:fe00:0/64 scope link
valid_lft forever preferred_lft forever
7: venet0: <BROADCAST,POINTOPOINT,NOARP,UP> mtu 1500 qdisc noqueue
link/void
9: veth102.0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 00:12:34:56:78:9b brd ff:ff:ff:ff:ff:ff
inet6 fe80::212:34ff:fe56:789b/64 scope link
valid_lft forever preferred_lft forever
11: veth106.0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 00:16:34:56:78:9b brd ff:ff:ff:ff:ff:ff
inet6 fe80::216:34ff:fe56:789b/64 scope link
valid_lft forever preferred_lft forever
# ip r
10.10.106.13 dev venet0 scope link src 192.168.11.2
10.10.106.3 dev venet0 scope link src 192.168.11.2
10.10.106.2 dev bridge scope link
10.10.106.6 dev bridge scope link
10.10.106.5 dev venet0 scope link src 192.168.11.2
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1
192.168.11.0/24 dev eth2 proto kernel scope link src 192.168.11.2
10.10.106.0/24 dev bridge proto kernel scope link src 10.10.106.1
Вот настройки VPS:
# vzctl exec 102 ip a
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: venet0: <BROADCAST,POINTOPOINT,NOARP> mtu 1500 qdisc noop
link/void
5: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 00:12:34:56:78:9b brd ff:ff:ff:ff:ff:ff
inet 10.10.106.2/24 brd 10.10.106.255 scope global eth0
inet6 fe80::212:34ff:fe56:789b/64 scope link
valid_lft forever preferred_lft forever
# vzctl exec 102 ip r
10.10.106.0/24 dev eth0 proto kernel scope link src 10.10.106.2
default via 10.10.106.2 dev eth0
При этом пинг с VE0 на шлюз (10.10..106.35) проходит.
С другого VPS использующего venet проходит.
А вот с VPS, который в бридже, на шлюз не идет.
# vzctl exec 102 ping 10.10.106.35
PING 10.10.106.35 (10.10.106.35) 56(84) bytes of data.
From 10.10.106.2 icmp_seq=2 Destination Host Unreachable
Что не правильно?
[Updated on: Fri, 18 August 2006 09:32] by Moderator Report message to a moderator |
|
|
|
|
|
| Re: Описание capability option [message #5377 is a reply to message #5376] |
Fri, 18 August 2006 10:09 |
|
|
| Andrey Mirkin wrote on Fri, 18 August 2006 12:48 |
[ve0]# echo 1 > /proc/sys/net/ipv4/conf/bridge/forwarding
[ve0]# echo 1 > /proc/sys/net/ipv4/conf/bridge/proxy_arp
Это было сделано?
|
Да. Это установлено в 1
| Quote: |
Что стоит в:
[ve0]# /proc/sys/net/ipv4/conf/*/rp_filter
|
# vzctl exec 102 ls /proc/sys/net/ipv4/conf/
all
default
eth0
lo
[root@serv /]# vzctl exec 102 cat /proc/sys/net/ipv4/conf/*/rp_filter
0
1
1
Т.е. для eth0 - 1
| Quote: |
А также хотелось бы посмотреть arp таблицу для впс:
|
Никакого вывода - пусто
|
|
|
|
|
|
| Re: Описание capability option [message #5385 is a reply to message #5379] |
Fri, 18 August 2006 11:23 |
|
|
| Andrey Mirkin wrote on Fri, 18 August 2006 13:34 |
| Quote: |
Что стоит в:
[ve0]# /proc/sys/net/ipv4/conf/*/rp_filter
|
Эти параметры надо было проверить в ве0.
|
Стоит правильно и там - в 1
| Quote: |
На бридже, на veth и eth0 в ве0 надо попробовать поставить rp_filter в 0
|
Поставил. С первым VE102 все нормально. Все работает.
А VE106 не видит шлюз. Настройки для VE102 и VE106 одинаковые.
[root@serv ~]# vzctl exec 102 ip a
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: venet0: <BROADCAST,POINTOPOINT,NOARP> mtu 1500 qdisc noop
link/void
5: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 00:12:34:56:78:9b brd ff:ff:ff:ff:ff:ff
inet 10.10.106.2/24 brd 10.10.106.255 scope global eth0
inet6 fe80::212:34ff:fe56:789b/64 scope link
valid_lft forever preferred_lft forever
[root@serv ~]# vzctl exec 102 ip r
10.10.106.0/24 dev eth0 proto kernel scope link src 10.10.106.2
default dev eth0 scope link
[root@serv ~]# vzctl exec 106 ip a
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: venet0: <BROADCAST,POINTOPOINT,NOARP> mtu 1500 qdisc noop
link/void
5: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 00:16:34:56:78:9b brd ff:ff:ff:ff:ff:ff
inet 10.10.106.6/24 brd 10.10.106.255 scope global eth0
inet6 fe80::216:34ff:fe56:789b/64 scope link
valid_lft forever preferred_lft forever
[root@serv ~]# vzctl exec 106 ip r
10.10.106.0/24 dev eth0 proto kernel scope link src 10.10.106.6
default dev eth0 scope link
С VE0 10.10.106.6 - пингуется
[root@serv ~]# vzctl exec 102 ping 10.10.106.1
PING 10.10.106.1 (10.10.106.1) 56(84) bytes of data.
64 bytes from 10.10.106.1: icmp_seq=1 ttl=64 time=0.049 ms
64 bytes from 10.10.106.1: icmp_seq=2 ttl=64 time=0.015 ms
[root@serv ~]# vzctl exec 102 ping 10.10.106.3
PING 10.10.106.3 (10.10.106.3) 56(84) bytes of data.
64 bytes from 10.10.106.3: icmp_seq=1 ttl=64 time=0.072 ms
64 bytes from 10.10.106.3: icmp_seq=2 ttl=64 time=0.019 ms
[root@serv ~]# vzctl exec 102 ping 10.10.106.35
PING 10.10.106.35 (10.10.106.35) 56(84) bytes of data.
64 bytes from 10.10.106.35: icmp_seq=1 ttl=63 time=0.144 ms
64 bytes from 10.10.106.35: icmp_seq=2 ttl=63 time=0.109 ms
64 bytes from 10.10.106.35: icmp_seq=3 ttl=63 time=0.118 ms
[root@serv ~]# vzctl exec 102 ping 10.10.106.6
PING 10.10.106.6 (10.10.106.6) 56(84) bytes of data.
From 10.10.106.2 icmp_seq=2 Destination Host Unreachable
From 10.10.106.2 icmp_seq=3 Destination Host Unreachable
From 10.10.106.2 icmp_seq=4 Destination Host Unreachable
[root@serv ~]# vzctl exec 106 ping 10.10.106.6
PING 10.10.106.6 (10.10.106.6) 56(84) bytes of data.
64 bytes from 10.10.106.6: icmp_seq=1 ttl=64 time=0.034 ms
64 bytes from 10.10.106.6: icmp_seq=2 ttl=64 time=0.008 ms
[root@serv ~]# vzctl exec 106 ping 10.10.106.1
PING 10.10.106.1 (10.10.106.1) 56(84) bytes of data.
64 bytes from 10.10.106.1: icmp_seq=1 ttl=64 time=0.054 ms
64 bytes from 10.10.106.1: icmp_seq=2 ttl=64 time=0.023 ms
[root@serv ~]# vzctl exec 106 ping 10.10.106.3
PING 10.10.106.3 (10.10.106.3) 56(84) bytes of data.
64 bytes from 10.10.106.3: icmp_seq=1 ttl=64 time=0.058 ms
64 bytes from 10.10.106.3: icmp_seq=2 ttl=64 time=0.020 ms
[root@serv ~]# vzctl exec 106 ping 10.10.106.35
PING 10.10.106.35 (10.10.106.35) 56(84) bytes of data.
From 10.10.106.6 icmp_seq=2 Destination Host Unreachable
From 10.10.106.6 icmp_seq=3 Destination Host Unreachable
Ну и со шлюза:
[root@admin ~]# ping 10.10.106.1
PING 10.10.106.1 (10.10.106.1) 56(84) bytes of data.
64 bytes from 10.10.106.1: icmp_seq=1 ttl=64 time=0.262 ms
64 bytes from 10.10.106.1: icmp_seq=2 ttl=64 time=0.107 ms
[root@admin ~]# ping 10.10.106.2
PING 10.10.106.2 (10.10.106.2) 56(84) bytes of data.
From 10.10.106.1: icmp_seq=1 Redirect Host(New nexthop: 10.10.106.2)
64 bytes from 10.10.106.2: icmp_seq=1 ttl=64 time=0.140 ms
From 10.10.106.1: icmp_seq=2 Redirect Host(New nexthop: 10.10.106.2)
64 bytes from 10.10.106.2: icmp_seq=2 ttl=64 time=0.124 ms
[root@admin ~]# ping 10.10.106.6
PING 10.10.106.6 (10.10.106.6) 56(84) bytes of data.
--- 10.10.106.6 ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 6999ms
[root@admin ~]# ping 10.10.106.3
PING 10.10.106.3 (10.10.106.3) 56(84) bytes of data.
64 bytes from 10.10.106.3: icmp_seq=1 ttl=64 time=592 ms
64 bytes from 10.10.106.3: icmp_seq=2 ttl=64 time=0.114 ms
64 bytes from 10.10.106.3: icmp_seq=3 ttl=64 time=0.113 ms
Т.е. получается что пакеты со второго veth не проходят в бридже.
Даже не знаю что и делать... 
Может надо как-то NAT делать?
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
