| 
		
			| Re: NIC dedicated for accessing VEs from internet [message #29814 is a reply to message #29786] | Fri, 25 April 2008 09:36  |  
			| 
				
				
					|  mangust Messages: 39
 Registered: April 2008
 Location: USA
 | Member |  |  |  
	| variant with veth interface works, but i still want to try venet0. Today investigated more. i did:
 
 
[root@trinity ~]# ifconfig eth1 up
[root@trinity ~]# ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 00:1E:4F:2D:F1:65  
          inet6 addr: fe80::21e:4fff:fe2d:f165/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:250 (250.0 b)
          Interrupt:169 Memory:f4000000-f4012100 
[root@trinity ~]# /sbin/ip rule add from 62.15.232.178 table 100
[root@trinity ~]# ip rule show
0:      from all lookup 255 
32765:  from 62.15.232.178 lookup 100 
32766:  from all lookup main 
32767:  from all lookup default 
[root@trinity ~]# ip route add default dev eth1 via 62.15.232.182 table 100
RTNETLINK answers: Network is unreachable
[root@trinity ~]# ip route add 62.15.232.176/29 dev eth1
RTNETLINK answers: No such device
[root@trinity ~]# ifconfig eth1 inet 191.255.254.5
[root@trinity ~]# ip route add 62.15.232.176/29 dev eth1
[root@trinity ~]# ip route add default dev eth1 via 62.15.232.182 table 100
[root@trinity ~]# tcpdump -ni eth1 | grep -v 802.1d
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
11:23:56.046077 IP 62.44.79.180 > 62.15.232.178: ICMP echo request, id 63836, seq 0, length 64
11:23:56.047219 arp who-has 62.15.232.182 tell 191.255.254.5
11:23:57.045108 IP 62.44.79.180 > 62.15.232.178: ICMP echo request, id 63836, seq 1, length 64
11:23:57.047504 arp who-has 62.15.232.182 tell 191.255.254.5
11:23:58.044590 IP 62.44.79.180 > 62.15.232.178: ICMP echo request, id 63836, seq 2, length 64
11:23:58.047710 arp who-has 62.15.232.182 tell 191.255.254.5
11:23:59.045492 IP 62.44.79.180 > 62.15.232.178: ICMP echo request, id 63836, seq 3, length 64
11:24:00.046463 IP 62.44.79.180 > 62.15.232.178: ICMP echo request, id 63836, seq 4, length 64
11:24:00.047001 arp who-has 62.15.232.182 tell 191.255.254.5
11:24:01.047267 arp who-has 62.15.232.182 tell 191.255.254.5
1
 To add a route i first need to add a network.
 To add a network kernel want to see any IP address i gave some not existant.
 Ping from outside not going
  Computer want to determine routers MAC by ARP and request it from that not real 191.255.254.5
  I don't want any IP on interface! Why not to use VE ip address for ARP?
  If i add public address on that external NIC everithing working. but i don't need this IP for HW node, i will need to not to forget close it by firewall, tell services like ssh not to listen on it, finally i can't use it for VE
   [Updated on: Fri, 25 April 2008 10:13] Report message to a moderator |  
	|  |  |