OpenVZ Forum: Support » Not understanding networking (beware

Home » General » Support » Not understanding networking (beware - tons of questions!) [SOLVED]

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: Not understanding networking (beware - tons of questions!) [message #30010 is a reply to message #29937]

Mon, 05 May 2008 15:48

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

sorry for delay

1.

Quote:

The wiki says that veth is dangerous because a container owner can forge mac addresses and ip addresses, but can't the host protect against this?

How can we change MAC address from inside the VPS? I supposed that it's impossible.

2.

Quote:

I am using Ubuntu inside a container, and I get a default gateway of 192.0.2.1. I have no idea where this comes from and I can't ping it from the container. Should openvz handle this automagically?

One of the /etc/vz/dists/scripts scripts adds this route. If you use simple venet configuration don't bother about this route. Our packets follow to the HN. But we cannot say that this route doesn't make nay sense. We should have any default gateway inside VE otherwise neighbour table inside VE can be overflown.

3.

Quote:

Should I use a default gateway of the host, or of my router inside the container? tcpdump shows the data leaving venet0, but I don't see how the data could ever get back

If you want to set your own configuration because of your network configurations you can change rc.local or other init scripts to put in order your network routes or something.

4.

Quote:

How does the data get back? Smile

Try to listen with "tcpdump" venet interface on HN.

5.

Quote:

There are two interfaces in the container, venet0 and venet0:0. The forum mentions this in a few places, but I can't find a post telling me why this exists. I've seen that there are various scripts for different Linux distributions but I can't see how openvz knows that a machine is e.g. Ubuntu. Is this the right direction to be going in? (At the moment I manually edit /etc/network/interfaces to remove the alias.)

Could you please describe the problem in more detail?

Report message to a moderator

[Message index]

		Not understanding networking (beware - tons of questions!) [SOLVED] By: jergendutch on Wed, 30 April 2008 16:19
		Re: Not understanding networking (beware - tons of questions!) By: maratrus on Mon, 05 May 2008 15:48
		Re: Not understanding networking (beware - tons of questions!) By: jergendutch on Tue, 06 May 2008 12:45
		Re: Not understanding networking (beware - tons of questions!) By: maratrus on Wed, 07 May 2008 11:50
		Re: Not understanding networking (beware - tons of questions!) By: jergendutch on Wed, 07 May 2008 12:38

Previous Topic:	Could not compile a package agains the ovz kernel!?
Next Topic:	HN and VE IPs on different subnets

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Wed Nov 26 18:55:30 GMT 2025

Total time taken to generate the page: 0.27728 seconds