OpenVZ Forum: Support » Cannot Start VE - Unable to set capability: Operation not permitted

Home » General » Support » Cannot Start VE - Unable to set capability: Operation not permitted

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: Cannot Start VE - Unable to set capability: Operation not permitted [message #23290 is a reply to message #23287]

Thu, 15 November 2007 09:37

vaverin
Messages: 708
Registered: September 2005

Senior Member

JFOC wrote on Thu, 15 November 2007 11:54

[host-node] vzctl create 100 --ostemplate=debian-4.0-i386-minimal
[host-node] vzctl set 100 --ipadd 192.168.0.100 --save
[host-node] vzctl set 100 --nameserver 209.250.234.162 --save
[host-node] vzctl set 100 --hostname vps100 --save

I would note that it is enough for VE networking via venet interface
http://wiki.openvz.org/Virtual_network_device
veth interface is an alternative soulution, and you can not use it at all.

JFOC wrote on Thu, 15 November 2007 11:54

[host-node] vzctl set 100 --netif_add eth0,00:0C:29:08:EE:48 --save
[host-node] vzctl start 100
[host-node] ifconfig veth101.0 0
[host-node] echo 1 > /proc/sys/net/ipv4/conf/veth100.0/forwarding
[host-node] echo 1 > /proc/sys/net/ipv4/conf/veth100.0/proxy_arp
[host-node] echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding
[host-node] echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
[host-node] vzctl enter 100

[ve-100] ifcfg eth0 0
[ve-100] ifconfig eth0 192.168.0.99
[ve-100] route add default eth0
[ve-100] exit

[host-node] route add 192.168.0.99 dev veth100.0

As I've explained above Veth interafce is not necessary, but
at this point you have configured veth interface too.

JFOC wrote on Thu, 15 November 2007 11:54

[host-node] iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 209.250.234.162

this rule means that all forwarded packets will have source ip=209.250.234.162. Is it your hardware node's IP?

JFOC wrote on Thu, 15 November 2007 11:54

[host-node] vzctl enter 100
[ve-100] ping jfoc.net --> the result is ping: unknown host jfoc.net

Above is an instruction i followed step-by-step, but still cannot access the Internet From VE

As far as I see you cannot translate jfoc.net name to IP. Are you sure that you have started nameserver on your hardware node? If not -- you can set to VE the same nameserver that uses your hardware node.

Then let's check the following:
- do you able to ping HW node from inside VE (by using its IP)?
- do you able to ping some external IP from inside VE?

thank you,
Vasily Averin

[Updated on: Thu, 15 November 2007 09:38]

Report message to a moderator

[Message index]

		Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Tue, 30 October 2007 17:44
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: Valmont on Wed, 31 October 2007 11:24
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Wed, 31 October 2007 15:50
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: Valmont on Thu, 01 November 2007 07:15
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Fri, 02 November 2007 19:02
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: Valmont on Sun, 04 November 2007 09:52
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Sun, 04 November 2007 15:42
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Tue, 13 November 2007 20:23
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: Valmont on Tue, 13 November 2007 22:09
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Tue, 13 November 2007 23:21
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: vaverin on Wed, 14 November 2007 08:54
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Wed, 14 November 2007 09:39
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: vaverin on Wed, 14 November 2007 09:52
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Wed, 14 November 2007 13:27
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: vaverin on Wed, 14 November 2007 14:05
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Wed, 14 November 2007 14:21
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: vaverin on Thu, 15 November 2007 06:48
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Thu, 15 November 2007 07:03
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: vaverin on Thu, 15 November 2007 07:56
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Thu, 15 November 2007 08:10
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: vaverin on Thu, 15 November 2007 08:42
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Thu, 15 November 2007 08:54
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: vaverin on Thu, 15 November 2007 09:37
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: JFOC on Thu, 15 November 2007 09:58
		Re: Cannot Start VE - Unable to set capability: Operation not permitted By: vaverin on Thu, 15 November 2007 10:42

Previous Topic:	"vzctl stop" - hangs
Next Topic:	May be a Bug

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Wed Jul 10 03:26:56 GMT 2024

Total time taken to generate the page: 0.02474 seconds