OpenVZ Forum


Home » General » Support » create a private network.
create a private network. [message #13182] Wed, 23 May 2007 05:48 Go to next message
pringleso is currently offline  pringleso
Messages: 7
Registered: May 2007
Junior Member
Hi,

I've used http://wiki.openvz.org/Using_NAT_for_VE_with_private_IPs to give my VEs internet access, great it works. Now i want to create a private LAN between all the VEs (since some people want to do things like NFS) but not using their current ips since i monitor internet->ve and ve->internet traffic.

I've looked at http://wiki.openvz.org/Virtual_Ethernet_device but it doesnt seem to hint as to how to do that. Can anybody help?

thanks a lot.

edit:

i read the guide http://wiki.openvz.org/Virtual_Ethernet_device again and i got a small lan between the hn and a ve, however, i get this error when i want to add another ve to the lan

[root@hostnode] vzctl set 102 --netif_add eth0,00:12:34:56:78:9C,veth101.0,00:12:34:56:78:9A --save
Configure veth devices: veth101.0
Unable to create veth: File exists
Saved parameters for VE 102

the problem is that i already created veth when i copy pasted the command for VEID 101

can anybody help

thanks

[Updated on: Wed, 23 May 2007 15:46]

Report message to a moderator

Re: create a private network. [message #13255 is a reply to message #13182] Wed, 23 May 2007 15:29 Go to previous messageGo to next message
pringleso is currently offline  pringleso
Messages: 7
Registered: May 2007
Junior Member
bump

Report message to a moderator

Re: create a private network. [message #13263 is a reply to message #13182] Wed, 23 May 2007 19:52 Go to previous messageGo to next message
morik is currently offline  morik
Messages: 33
Registered: January 2006
Member
Sorry, but your question is not clear,
could you please explain what you whant todo more detail.

Report message to a moderator

Re: create a private network. [message #13417 is a reply to message #13263] Sat, 26 May 2007 08:45 Go to previous messageGo to next message
kingneutron is currently offline  kingneutron
Messages: 30
Registered: May 2007
Location: NE IL, USA
Member
From a Vmware perspective, it sounds like he wants to create a private host-only network (specifically for VE intercommunication) that is not routable outside the host, for NFS and the like.

i.e. 172.16.xx.xx subnet -- see:

http://winhlp.com/IpAddressesPrivate.htm

// @OP: Pls correct me if I'm wrong

Report message to a moderator

Re: create a private network. [message #13418 is a reply to message #13182] Sat, 26 May 2007 09:21 Go to previous messageGo to next message
kingneutron is currently offline  kingneutron
Messages: 30
Registered: May 2007
Location: NE IL, USA
Member
--You may need to remove the interface and re-add it.

--Here's what I did for host-only net; Centos 5--64 host and Debian 4 VE:

' vzctl set 101 --netif_add eth0,00:12:34:56:78:9D,veth101.0,00:12:34:56:78:01 --save '

-- ' dhclient eth0 ' did not work in guest; ** NOTE: it may be worthwhile for openvz to implement a VE DHCP server for guests

' ifconfig veth101.0 172.16.0.3 netmask 255.255.0.0 up '

(( guest:
' ifconfig eth0 172.16.1.3 netmask 255.255.0.0 up '
' ping 172.16.0.3 '
))

' ping 172.16.1.3 '
' nmap 172.16.1.3 ' # Revealed ssh

--I ssh'd to another local box on my net and configged it for 172.16 access, and it was *not* able to see the VE--host-only net -- which is what we want.

--Back on the openvz box:
(( 
' time nmap -F -v -r 172.16.0.3 '

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-05-26 04:15 CDT
Initiating ARP Ping Scan against 172.16.0.3 [1 port] at 04:15
The ARP Ping Scan took 0.00s to scan 1 total hosts.
DNS resolution of 1 IPs took 0.02s.
Initiating SYN Stealth Scan against 172.16.0.3 [1239 ports] at 04:15
Discovered open port 21/tcp on 172.16.0.3
Discovered open port 22/tcp on 172.16.0.3
The SYN Stealth Scan took 35.76s to scan 1239 total ports.
Host 172.16.0.3 appears to be up ... good.
Interesting ports on 172.16.0.3:
Not shown: 1192 filtered ports, 45 closed ports
PORT   STATE SERVICE
21/tcp open  ftp
22/tcp open  ssh
MAC Address: 00:12:34:56:78:01 (Camille Bauer)

Nmap finished: 1 IP address (1 host up) scanned in 36.122 seconds
               Raw packets sent: 2439 (107.314KB) | Rcvd: 48 (1930B)

real    0m36.131s
user    0m0.349s
sys     0m0.021s
))

--Compare this to scan run on the host:
[[ 
' time nmap 172.16.1.3 '

Starting Nmap 4.20 ( http://insecure.org ) at 2007-05-26 04:20 CDT
Interesting ports on 172.16.1.3:
Not shown: 1696 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
MAC Address: 00:12:34:56:78:9D (Camille Bauer)

Nmap finished: 1 IP address (1 host up) scanned in 1.303 seconds

real    0m1.315s
user    0m0.153s
sys     0m0.044s
]]

Report message to a moderator

Re: create a private network. [message #13419 is a reply to message #13182] Sat, 26 May 2007 09:28 Go to previous message
kingneutron is currently offline  kingneutron
Messages: 30
Registered: May 2007
Location: NE IL, USA
Member
[[
> vzctl set 102 --netif_add eth0,00:12:34:56:78:9C,veth101.0,00:12:34:56:78:9A --save

Configure veth devices: veth101.0
Unable to create veth: File exists
Saved parameters for VE 102
]]

--Note that if you are modifying parms for VE 102, you should use "veth102.0" in vzctl line, and a different MAC address.

Report message to a moderator

Previous Topic: *SUCCESS* Centos 5--64 host - my experience with openvz so far
Next Topic: *SOLVED* kernel support for PPP
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Thu Apr 25 17:28:54 GMT 2024

Total time taken to generate the page: 0.01582 seconds
Powered by FUDforum Powered by Virtuozzo Containers