OpenVZ Forum: Support » Network not availible.

Home » General » Support » Network not availible.

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Network not availible. [message #21011]

Sun, 30 September 2007 09:52

Drew2k
Messages: 12
Registered: September 2007

Junior Member

Hi, i have installed OpenVZ on Fedora core 7 and all is working other than network access to VPS that are created. Here is what i have done so far :-

# vzctl create 101 --ipadd 72.55.180.209 --ostemplate fedora-core-7-i386-default
Creating VE private area (fedora-core-7-i386-default)
Performing postcreate actions
VE private area was created

# vzctl start 101
Starting VE ...
VE is mounted
Adding IP address(es): 72.55.180.209
Setting CPU units: 1000
Configure meminfo: 49152
VE start in progress...

# vzctl enter 101
entered into VE 101

# ping google.com
ping: unknown host google.com

also, when i try and ping the ip of the host machine, it just says

# ping 72.55.179.7
PING 72.55.179.7(72.55.179.7) 56(84) bytes of data.

and does nothing.

finally, when i try to reload the network

# vzctl exec 101 /etc/init.d/network restart
Shutting down interface venet0:  [  OK  ]
Shutting down loopback interface:  [  OK  ]
SIOCGIFFLAGS: No such device
Bringing up loopback interface:  [  OK  ]
Bringing up interface venet0:  SIOCADDRT: Network is unreachable
[  OK  ]

Here is a ifconfig of VPS

# ifconfig
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:127.0.0.1  P-t-P:127.0.0.1  Bcast:0.0.0.0  Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:840 (840.0 b)

venet0:0  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:72.55.180.209  P-t-P:72.55.180.209  Bcast:72.55.180.209  Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1

# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.0.2.0       *               255.255.255.0   U     0      0        0 venet0
169.254.0.0     *               255.255.0.0     U     0      0        0 venet0
default         192.0.2.1       0.0.0.0         UG    0      0        0 venet0

and the same for the host machine

# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:1B:FC:2F:95:72
          inet addr:72.55.179.7  Bcast:72.55.179.31  Mask:255.255.255.224
          inet6 addr: fe80::21b:fcff:fe2f:9572/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:456310 errors:0 dropped:0 overruns:0 frame:0
          TX packets:307979 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:510055357 (486.4 MiB)  TX bytes:42855331 (40.8 MiB)
          Interrupt:201

eth0:0    Link encap:Ethernet  HWaddr 00:1B:FC:2F:95:72
          inet addr:72.55.180.209  Bcast:72.55.180.215  Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:201

eth0:1    Link encap:Ethernet  HWaddr 00:1B:FC:2F:95:72
          inet addr:72.55.180.210  Bcast:72.55.180.215  Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:201

eth0:2    Link encap:Ethernet  HWaddr 00:1B:FC:2F:95:72
          inet addr:72.55.180.211  Bcast:72.55.180.215  Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:201

eth0:3    Link encap:Ethernet  HWaddr 00:1B:FC:2F:95:72
          inet addr:72.55.180.212  Bcast:72.55.180.215  Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:201

eth0:4    Link encap:Ethernet  HWaddr 00:1B:FC:2F:95:72
          inet addr:72.55.180.213  Bcast:72.55.180.215  Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:201

eth0:5    Link encap:Ethernet  HWaddr 00:1B:FC:2F:95:72
          inet addr:72.55.180.214  Bcast:72.55.180.215  Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:201

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:477 errors:0 dropped:0 overruns:0 frame:0
          TX packets:477 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:102566 (100.1 KiB)  TX bytes:102566 (100.1 KiB)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:10 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:840 (840.0 b)  TX bytes:0 (0.0 b)

# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
ip-72-55-180-20 *               255.255.255.255 UH    0      0        0 venet0
72.55.180.208   *               255.255.255.248 U     0      0        0 eth0
72.55.179.0     *               255.255.255.224 U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
default         ip-72-55-179-1. 0.0.0.0         UG    0      0        0 eth0

Can some offer any help on why the networks not availible.

Report message to a moderator

Re: Network not availible. [message #21034 is a reply to message #21011]

Mon, 01 October 2007 11:01

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

1.

Quote:

# route
Kernel IP routing table...

can you show route -n command?

2.

Quote:

#ip-72-55-180-20 * 255.255.255.255 UH 0 0 0 venet0

Is it your VPS?
I've asked this question, because addresses 72-55-180-20 and 72.55.180.209 are different. Is it normal?

3. Try to use tcpdump to find out the packets behavior.

Report message to a moderator

Re: Network not availible. [message #21095 is a reply to message #21011]

Mon, 01 October 2007 17:59

Drew2k
Messages: 12
Registered: September 2007

Junior Member

Hi, here are the results as requested.

On the VPS

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.0.2.0       0.0.0.0         255.255.255.0   U     0      0        0 venet0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 venet0
0.0.0.0         192.0.2.1       0.0.0.0         UG    0      0        0 venet0

On the HOST

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
72.55.180.208   0.0.0.0         255.255.255.248 U     0      0        0 eth0
72.55.179.0     0.0.0.0         255.255.255.224 U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         72.55.179.1     0.0.0.0         UG    0      0        0 eth0

Quote:

#ip-72-55-180-20 * 255.255.255.255 UH 0 0 0 venet0

Is it your VPS?
I've asked this question, because addresses 72-55-180-20 and 72.55.180.209 are different. Is it normal?

That route was from the HOST machine. 72.55.180.209 is the VPS. Im not sure what 72.55.180.20 is. Its not one of my addresses.

My HOST IP is 72.55.179.7

[Updated on: Mon, 01 October 2007 18:01]

Report message to a moderator

Re: Network not availible. [message #21189 is a reply to message #21095]

Wed, 03 October 2007 08:36

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

1.

Quote:

[#ip-72-55-180-20 * 255.255.255.255 UH 0 0 0 venet0

Is it your VPS?
I've asked this question, because addresses 72-55-180-20 and 72.55.180.209 are different. Is it normal?

That route was from the HOST machine. 72.55.180.209 is the VPS. Im not sure what 72.55.180.20 is. Its not one of my addresses.

Certainly, that route was from the HOST. I meant that ip-72-55-180-20 is your VPS.

2. What version of vzctl do you use?
3. Is iproute package installed on your HOST machine?
4.

Quote:

# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
72.55.180.208 0.0.0.0 255.255.255.248 U 0 0 0 eth0
72.55.179.0 0.0.0.0 255.255.255.224 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 72.55.179.1 0.0.0.0 UG 0 0 0 eth0

Was VPS stoped at that time?

It is strange, because when VPS is starting vzctl must add a record into the routing table such as
"ip route add VPS_IP dev venet0", which allows you to access to VPS. And you can observe this rule in the routing table.

Please, check that the new entry is added into the routing table when the VPS started. And it is deleted when VPS stoped.

Report message to a moderator

Re: Network not availible. [message #21195 is a reply to message #21189]

Wed, 03 October 2007 09:34

Drew2k
Messages: 12
Registered: September 2007

Junior Member

Sorry, yes the VPS was stopped at the time of doing the route -n on the host.

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
72.55.180.210   0.0.0.0         255.255.255.255 UH    0      0        0 venet0
72.55.180.209   0.0.0.0         255.255.255.255 UH    0      0        0 venet0
72.55.180.208   0.0.0.0         255.255.255.248 U     0      0        0 eth0
72.55.179.0     0.0.0.0         255.255.255.224 U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         72.55.179.1     0.0.0.0         UG    0      0        0 eth0

I have now setup 2 VPS, IP 209 and 210. both refuse to communicate with the host or the web. and the host refuses to communicate with the VPS.

I am using the up to date vzctl and vzquota packages v3.0.18. and i do have iproute installed on the host, I also have enabled ip_forward.

When i start the VPS the records are added to the route. And when i stop the VPS, the records are removed.

Report message to a moderator

Re: Network not availible. [message #21198 is a reply to message #21195]

Wed, 03 October 2007 10:32

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

You have an alias for the interface eth0 (eth0:0), which has the same IP address you have set to your VPS - 72.55.180.209. Try to use another IP for VPS.

Report message to a moderator

Re: Network not availible. [message #21206 is a reply to message #21011]

Wed, 03 October 2007 11:34

Drew2k
Messages: 12
Registered: September 2007

Junior Member

Ok, im getting closer.

I have removed the alias eth0:X by issueing the

ifconfig eth0:0 down

and restarted the VPS - It is now pinging the host sucsessfully. However, still wont access the internet.

The host reports

[root@cl-t091-040cl ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:1B:FC:2F:95:72
          inet addr:72.55.179.7  Bcast:72.55.179.31  Mask:255.255.255.224
          inet6 addr: fe80::21b:fcff:fe2f:9572/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3197 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2351 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1127335 (1.0 MiB)  TX bytes:348281 (340.1 KiB)
          Interrupt:201

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1344 (1.3 KiB)  TX bytes:1344 (1.3 KiB)

[root@cl-t091-040cl ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
72.55.180.209   0.0.0.0         255.255.255.255 UH    0      0        0 venet0
72.55.179.0     0.0.0.0         255.255.255.224 U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         72.55.179.1     0.0.0.0         UG    0      0        0 eth0

and the VPS

[root@cl-t091-040cl ~]# vzctl enter 101
entered into VE 101
[root@VE101 /]# ping google.com
ping: unknown host google.com
[root@VE101 /]# ifconfig
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1120 (1.0 KiB)  TX bytes:1120 (1.0 KiB)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:127.0.0.1  P-t-P:127.0.0.1  Bcast:0.0.0.0  Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1344 (1.3 KiB)  TX bytes:1344 (1.3 KiB)

venet0:0  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:72.55.180.209  P-t-P:72.55.180.209  Bcast:72.55.180.209  Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1

[root@VE101 /]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.0.2.0       0.0.0.0         255.255.255.0   U     0      0        0 venet0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 venet0
0.0.0.0         192.0.2.1       0.0.0.0         UG    0      0        0 venet0

I am unable to access the internet from the VPS. Or access the VPS from the internet. However the host can access the VPS.

Report message to a moderator

Re: Network not availible. [message #21212 is a reply to message #21206]

Wed, 03 October 2007 12:12

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

1.

Quote:

[root@VE101 /]# ping google.com
ping: unknown host google.com

May be you have not set a nameserver for your VPS. To do it, please see "man vzctl", namely "nameserver" parameter.

2. Are you sure, that IP address 72.55.180.209 is valid to access the Internet. Have you come to an agreement with your provider about this IP?

[Updated on: Wed, 03 October 2007 13:15]

Report message to a moderator

Re: Network not availible. [message #21224 is a reply to message #21011]

Wed, 03 October 2007 14:29

Drew2k
Messages: 12
Registered: September 2007

Junior Member

Quote:

May be you have not set a nameserver for your VPS. To do it, please see "man vzctl", namely "nameserver" parameter.

Ok, i have installed bind on the main host and downloaded the root records. I have then issued

vzctl set 101 --nameserver 72.55.179.7 --save
vzctl restart 101
vzctl enter 101

x.x.179.7 is the ip of the host. Now im getting

[root@cl-t091-040cl ~]# vzctl enter 102
entered into VE 102
[root@ve102 /]# ping google.com
PING google.com (64.233.167.99) 56(84) bytes of data.

Then nothing. Its now resolving the IP, but not sending or recieving traffic over the internet.

Quote:

2. Are you sure, that IP address 72.55.180.209 is valid to access the Internet. Have you come to an agreement with your provider about this IP?

Yes, this IP is allocated to me (209 through 214) and are availible over the internet.

Any further ideas?

Report message to a moderator

Re: Network not availible. [message #21226 is a reply to message #21224]

Wed, 03 October 2007 15:11

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

1.

Quote:

vzctl set 101 --nameserver 72.55.179.7 --save
vzctl restart 101
vzctl enter 101

x.x.179.7 is the ip of the host. Now im getting

[root@cl-t091-040cl ~]# vzctl enter 102
entered into VE 102
[root@ve102 /]# ping google.com
PING google.com (64.233.167.99) 56(84) bytes of data.

You also have set a nameserver for VPS102, is it right?

2. Can you ping 64.233.167.99 from your HOST machine?

3. Please show the output of the following commands from your HOST machine
iptables -t filter -L
iptables -t nat -L

4. Can you run the following experiment:
- Enter into VPS
- Try to ping 64.233.167.99 from VPS
- At the same time on the host machine do the "tcpdump -n -i venet0"
And if it will be possible show the results of this command.

Report message to a moderator

Re: Network not availible. [message #21227 is a reply to message #21224]

Wed, 03 October 2007 15:13

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

1.

Quote:

Report message to a moderator

Re: Network not availible. [message #21231 is a reply to message #21011]

Wed, 03 October 2007 15:44

dowdle
Messages: 261
Registered: December 2005
Location: Bozeman, Montana

Senior Member

Unless you have those virtual interfaces on your host node for some valid reason (I'm guessing not)... you need to remove them all.

You don't have to do any special NIC configuration on the hn to create NICs for your VPSes... vzctl does it all for you... and those virtual interfaces are blocking your VPSes from getting the packets.

Regarding name resolution, as was mentioned, you need to do a:

vzctl set {VEID} --nameserver {a.b.c.d} --save

I think if you wipe the slate clean with your network configuration (only have the hn set to it's own IP address and that's it) you'll be in business.

Nowhere in the OpenVZ quick install guide, wiki, manuals, etc... does it ever say you need to pre-configure the host node with virtual interfaces... and you are the second person I've run into who has done this.

--
TYL, Scott Dowdle
Belgrade, Montana, USA

Report message to a moderator

Re: Network not availible. [message #21232 is a reply to message #21011]

Wed, 03 October 2007 15:45

Drew2k
Messages: 12
Registered: September 2007

Junior Member

Hello, i have done as requested.

I have also done the same for VPS102, and its the same as VPS101 - Communicates with the host and vice versa, but not the internet.

[[email]root@cl-t091-040cl[/email] ~]# ping 64.233.167.99
PING 64.233.167.99 (64.233.167.99) 56(84) bytes of data.
64 bytes from 64.233.167.99: icmp_seq=2 ttl=244 time=25.0 ms
64 bytes from 64.233.167.99: icmp_seq=6 ttl=244 time=24.9 ms
64 bytes from 64.233.167.99: icmp_seq=7 ttl=244 time=25.1 ms
64 bytes from 64.233.167.99: icmp_seq=8 ttl=244 time=24.8 ms
64 bytes from 64.233.167.99: icmp_seq=9 ttl=244 time=49.6 ms

[[email]root@cl-t091-040cl[/email] ~]# iptables -t filter -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[[email]root@cl-t091-040cl[/email] ~]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

And finally, the tcpdump

[[email]root@cl-t091-040cl[/email] ~]# tcpdump -n -i venet0
tcpdump: WARNING: arptype 65535 not supported by libpcap - falling back to cooked socket
tcpdump: WARNING: venet0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on venet0, link-type LINUX_SLL (Linux cooked), capture size 96 bytes
11:40:10.282116 IP 72.55.180.209 > 64.233.167.99: ICMP echo request, id 15214, seq 93, length 64
11:40:11.281370 IP 72.55.180.209 > 64.233.167.99: ICMP echo request, id 15214, seq 94, length 64
11:40:12.281660 IP 72.55.180.209 > 64.233.167.99: ICMP echo request, id 15214, seq 95, length 64
11:40:13.281932 IP 72.55.180.209 > 64.233.167.99: ICMP echo request, id 15214, seq 96, length 64
11:40:14.281182 IP 72.55.180.209 > 64.233.167.99: ICMP echo request, id 15214, seq 97, length 64
11:40:15.281471 IP 72.55.180.209 > 64.233.167.99: ICMP echo request, id 15214, seq 98, length 64
11:40:16.281745 IP 72.55.180.209 > 64.233.167.99: ICMP echo request, id 15214, seq 99, length 64
11:40:17.280992 IP 72.55.180.209 > 64.233.167.99: ICMP echo request, id 15214, seq 100, length 64
11:40:18.281287 IP 72.55.180.209 > 64.233.167.99: ICMP echo request, id 15214, seq 101, length 64
11:40:19.281555 IP 72.55.180.209 > 64.233.167.99: ICMP echo request, id 15214, seq 102, length 64

Quote:

I didnt set up the virtual alias. They where set up by my server provider.

I have now removed them, and the only interfaces are eth0, lo and venet0.

I have setup the --nameserver, pointing the address to my host node which has BindDNS installed.

[Updated on: Wed, 03 October 2007 15:48]

Report message to a moderator

Re: Network not availible. [message #21234 is a reply to message #21232]

Wed, 03 October 2007 16:03

dowdle
Messages: 261
Registered: December 2005
Location: Bozeman, Montana

Senior Member

I'm sure you already know this, but you don't really need to run your own DNS as long as you put in a valid DNS IP for nameserver... but perhaps you have other reasons to do so.

So, your VPSes can make it to the host but not go out, is that correct? Either you still have something weird with the network setup on your hn or your ISP isn't routing your additional (VPS) addresses... or it something I haven't run into before. Smile

If you traceroute to an address of one of your VPSes, is the last hop (even if it doesn't make it to your VPS) the same last hop as your host node? If so, then routing (that your hosting provider manages) is probably ok.

--
TYL, Scott Dowdle
Belgrade, Montana, USA

Report message to a moderator

Re: Network not availible. [message #21236 is a reply to message #21011]

Wed, 03 October 2007 16:27

Drew2k
Messages: 12
Registered: September 2007

Junior Member

Hi, thanks for the advice. i've tried a trace route. And the VPS timeout when they reach my providers NOC. So are not making it to my server (72.55.179.7) never mind the VPS. Any ideas?

My Hosts IP

TraceRoute to 72.55.179.7 [ip-72-55-179-7.static.privatedns.com]

Hop (ms) (ms) (ms)  IP Address Host name 
1 5 1 0  66.98.244.1 gphou-66-98-244-1.ev1servers.net 
2 0 0 0  66.98.241.16 gphou-66-98-241-16.ev1servers.net 
3 0 0 0  66.98.240.15 gphou-66-98-240-15.ev1servers.net 
4 1 1 0  38.99.206.177 - 
5 1 1 1  66.28.6.141 g4-0-2.core01.iah01.atlas.cogentco.com 
6 16 15 15  66.28.4.106 p13-0.core01.mci01.atlas.cogentco.com 
7 27 27 30  66.28.4.34 p5-0.core02.ord01.atlas.cogentco.com 
8 27 27 27  66.28.4.61 p15-0.core01.ord01.atlas.cogentco.com 
9 45 44 44  154.54.1.57 p14-0.core01.alb02.atlas.cogentco.com 
10 125 167 152  154.54.7.26 p5-0.core01.ymq02.atlas.cogentco.com 
11 52 49 49  154.54.7.22 t7-1.mpd01.ymq02.atlas.cogentco.com 
12 50 50 50  38.20.35.86 vl3507.na22.b019082-1.ymq02.atlas.cogentco.com 
13 50 50 50  38.116.204.26 g1-1.mtl-hd-core03.cogent.iweb.ca 
14 74 55 55  209.172.50.81 g4-31.mtl-hd-core01.iweb.ca 
15 55 55 58  209.172.58.149 tg8-1.v999.mtl-cl-core04.iweb.ca 
16 58 56 55  72.55.179.7 ip-72-55-179-7.static.privatedns.com 

Trace complete

Any the VPS IP

TraceRoute to 72.55.180.209 [ip-72-55-180-209.static.privatedns.com]

Hop (ms) (ms) (ms)  IP Address Host name 
1 1 0 0  66.98.244.1 gphou-66-98-244-1.ev1servers.net 
2 0 0 0  66.98.241.16 gphou-66-98-241-16.ev1servers.net 
3 0 0 0  66.98.240.15 gphou-66-98-240-15.ev1servers.net 
4 2 1 0  38.99.206.177 - 
5 1 1 1  66.28.6.141 g4-0-2.core01.iah01.atlas.cogentco.com 
6 15 15 20  66.28.4.106 p13-0.core01.mci01.atlas.cogentco.com 
7 27 26 26  66.28.4.34 p5-0.core02.ord01.atlas.cogentco.com 
8 27 27 27  66.28.4.61 p15-0.core01.ord01.atlas.cogentco.com 
9 45 44 44  154.54.1.57 p14-0.core01.alb02.atlas.cogentco.com 
10 50 49 49  154.54.7.18 p14-0.core01.ymq02.atlas.cogentco.com 
11 50 49 50  154.54.7.22 t7-1.mpd01.ymq02.atlas.cogentco.com 
12 50 65 51  38.20.35.86 vl3507.na22.b019082-1.ymq02.atlas.cogentco.com 
13 50 50 50  38.116.204.26 g1-1.mtl-hd-core03.cogent.iweb.ca 
14 54 105 54  209.172.50.81 g4-31.mtl-hd-core01.iweb.ca 
15 55 55 55  209.172.58.149 tg8-1.v999.mtl-cl-core04.iweb.ca 
16 Timed out Timed out Timed out   - 
17 Timed out Timed out Timed out   - 
18 Timed out Timed out Timed out   - 
19 Timed out Timed out Timed out   - 

Trace aborted.

Report message to a moderator

Re: Network not availible. [message #21237 is a reply to message #21236]

Wed, 03 October 2007 16:40

dowdle
Messages: 261
Registered: December 2005
Location: Bozeman, Montana

Senior Member

Well, you have the same last hop (not counting the destination) so the routing appears to be ok... unless they are stopping it at that last hop. You can double-check with your hosting provider to ensure they aren't.

Other than that... hmmmm... perhaps you could show the output of everything again... so we can see that it is indeed all cleared up and you aren't missing some minor detail?!?

--
TYL, Scott Dowdle
Belgrade, Montana, USA

Report message to a moderator

Re: Network not availible. [message #21239 is a reply to message #21011]

Wed, 03 October 2007 16:55

Drew2k
Messages: 12
Registered: September 2007

Junior Member

I have e-mailed my provider to check on the traceroute. Not sure how quickly they will get back to me, as i dont have a managed account. I need to maintain the server myself or pay money.

I have just checked all the routes and ifconfigs pn the host and virtual nodes. and they are all the same as above.

Can you advise any other issued that this could be?

Report message to a moderator

Re: Network not availible. [message #21241 is a reply to message #21239]

Wed, 03 October 2007 17:02

dowdle
Messages: 261
Registered: December 2005
Location: Bozeman, Montana

Senior Member

Since your VPSes are fresh (because you haven't done much work on them yet because of the technical problems), dump one and recreate it from scratch and see if that makes one bit of difference... if you haven't done this already.

--
TYL, Scott Dowdle
Belgrade, Montana, USA

Report message to a moderator

Re: Network not availible. [message #21242 is a reply to message #21011]

Wed, 03 October 2007 17:12

Drew2k
Messages: 12
Registered: September 2007

Junior Member

I have already done this, several times. However i have just done it again without any sucsess.

I have just got a reply back from my provider, they are saying

Quote:

Hello, You should use the routed mode for your VPS instead of transparent orbridge mode. Your server (host) should to the routing (ip forwarding).

Does this shead any light?

Report message to a moderator

Re: Network not availible. [message #21245 is a reply to message #21242]

Wed, 03 October 2007 17:47

dowdle
Messages: 261
Registered: December 2005
Location: Bozeman, Montana

Senior Member

Does it shed light? Not really. All of your IPs are public, right? So why would it need forwarding? That doesn't make any sense to me.

--
TYL, Scott Dowdle
Belgrade, Montana, USA

Report message to a moderator

Re: Network not availible. [message #21302 is a reply to message #21011]

Thu, 04 October 2007 15:32

Drew2k
Messages: 12
Registered: September 2007

Junior Member

Ok, i have the VPS accessing the internet. I executed

iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 72.55.179.7

72.55.179.7 being my host. Now all VPS have access to the internet. However, the internet can not access the VPS.

Any ideas?

I've also noticed the following while restarting the network

[[email]root@cl-t091-040cl[/email] sysconfig]# /etc/init.d/network restart
Shutting down interface eth0:                              [  OK  ]
Shutting down interface venet0:                            [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Disabling IPv4 packet forwarding:  net.ipv4.ip_forward = 0
                                                           [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0:                                [  OK  ]
Bringing up interface venet0:
Determining IP information for venet0... failed.
                                                           [FAILED]

however, i have enabled ip_forward in the /etc/sysctl.conf file.

[Updated on: Thu, 04 October 2007 16:24]

Report message to a moderator

Re: Network not availible. [message #21305 is a reply to message #21302]

Thu, 04 October 2007 17:09

dowdle
Messages: 261
Registered: December 2005
Location: Bozeman, Montana

Senior Member

You might check the Quick Install guide (http://wiki.openvz.org/Quick_installation)... as there are a few things to put in the sysctl.conf file. Why you missed at the least, that one parameter, I'm not sure... so there may be others you are missing that is causing the problem.

NATing isn't something you usually do unless you don't have public IPs... so just because you got half of it working the way you didn't doesn't mean that actually fixes anything.

--
TYL, Scott Dowdle
Belgrade, Montana, USA

Report message to a moderator

Re: Network not availible. [message #21308 is a reply to message #21011]

Thu, 04 October 2007 17:47

Drew2k
Messages: 12
Registered: September 2007

Junior Member

I have just read somewhere that SELINUX needs to be disabled in order to use OpenVZ.

I just checked my /etc/sysconfig/selinux file, and SELINUX=disabled, so that was turned off.

I just commented out all the other settings in the file, then restarted the box and now its all working.

VE communicate with each other and the host/internet and vice versa.

Thank you to everyone who helped.

Report message to a moderator

Re: Network not availible. [message #26636 is a reply to message #21308]

Tue, 29 January 2008 17:02

ricoche
Messages: 17
Registered: January 2008
Location: Nagano Japan

Junior Member

Drew2k wrote on Thu, 04 October 2007 13:47

The same thing happened to me. I commented out the rest of the lines in the /etc/sysconfig/selinux file and rebooted the computer. I then restarted the network after reboot and "Disabling IPv4 packet forwarding: net.ipv4.ip_forward = 0" was correctly changed to 1 as reflected in the /etc/sysctl.conf file.

This drove me nuts as I read the manual and had all the changes made. Everytime I restarted the network I got a net.ipv4.ip_forward = 0 when it should have been 1. Strange.

Jim

Report message to a moderator

Re: Network not availible. [message #31422 is a reply to message #21011]

Sat, 28 June 2008 18:46

boiddude
Messages: 1
Registered: June 2008
Location: AZ, USA

Junior Member

I was able to solve my problem in Centos 5 by using
/usr/bin/system-config-securitylevel-tui
and making sure that the network interface venet0 was trusted. It now works. Before I was getting the message
Bringing up interface venet0: SIOCADDRT: Network is unreachable

and it could ping other devices around my house using their ip addresses but not ssh or communicate to them other ways. I am not able to ping and do anything allowed by the other devices.

I hope this helps someone.

Paul

Report message to a moderator