OpenVZ Forum: Support » HN and CT on different multiple subnets

Home » General » Support » HN and CT on different multiple subnets

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

HN and CT on different multiple subnets [message #43835]

Fri, 21 October 2011 02:32

nemesis
Messages: 2
Registered: October 2011

Junior Member

I posted a similar question a while ago and it didn't show up, so I'm taking a second stab and have made some new discoveries since.

My setup is this:
HN has IPs on two subnets, priv0 and pub0, each on their own interface (bond0 for pub0, bond1 is on priv0). These are assigned by our hosting provider for physical machines.

CT is on two different subnets priv1 and pub1. These are blocks given to us by our hosting provider, and all of our HNs are on these VLANs so we can move them around if we need to. My CT needs to have an IP on both subnets, pub1 and priv1.

I can get this to work quite well using veth. I bridge the two interfaces on my HN. Then create eth0 on the CT and give it an IP on on priv1, create eth1 and give it an IP on pub1. Then on the HN add veth101.0 to bridge0 and veth101.1 to bridge1. Set up the routes and I'm good.

However, my predecessor got this to work with venet, and I'm lost. I'm not sure I care too much, but its a bit faster and a lot easier to set up. We have scripts that expect it.

When using venet, I just give the CT an IP on both priv1 and pub1 using "vzctl set 101 ipadd". The problem is that whichever IP I add first to the CT, the corresponding interface on the HN gets *all* of the traffic. So if I add an IP on priv1 to the CT first, everything flows through the interface on the HN that has an ip on priv0 (how it matches these up is beyond me). So I end up only being able to access on part of the network. However, this worked absolutely perfectly for my predecessor. His machines were all CentOS 5 (2.6.18-238.9.1.el5.028stab089.1) and mine are CentOS 6 (2.6.32-042stab037.1). That *could* make a difference...

With the HN not having IPs on either of the subnets that the CT is on, how does the HN decide which interface to send traffic from the CT to? I think this is the root of my problem (tcpdump indicates it is).

I've done a LOT of googling on this, and I don't see anyone with a similar setup. I did follow veth docs and that got me working, but I wonder if this is possible with venet. I can't for the life of me figure out what my predecessor did!

Thanks for any help!

Report message to a moderator