| IP routing problems to VE after vps node reinstall. [message #34389] |
Sun, 28 December 2008 12:12  |
pug123
Messages: 22
Registered: July 2008
|
Junior Member |
|
|
Hello!
I'm running now about 20 vps nodes based on HyperVM interface(backend is openvz only).Last time I had to reinstall one of VPS nodes and ran into some routing problems which was really the first time. I have even reinstalled again this node but without success in solving this problem.
Here is short desciption:
All ips assigned to VPSes don't work. However if I add them (just for tests) as virtual interfaces ips like eth0:1 to the vps node they are working so it is not datacenter routing issue.
VPSes IPs are pingable from VPS node but not from outside.
What I found out is that they are not showing in the arp table.
When I issue arp command I can see only entry of router.
However when I issued:
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
all started working properly. I do not know if is the good way becouse openvz advises to disable proxy_arp.
Can you help me?
OS: Centos 5.2 (32bit)
kernel: ovzkernel-PAE (2.6.18-92.1.13.el5.028stab059.6PAE)
Iptables rules flushed (iptables -F)
[root@s06 ~]# cat /etc/sysctl.conf
# On Hardware Node we generally need
# packet forwarding enabled and proxy arp disabled
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
# Enables source route verification
net.ipv4.conf.all.rp_filter = 1
# Enables the magic-sysrq key
kernel.sysrq = 1
# We do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
[root@s06 ~]#
Additionally when I have flushed iptables then pinging from VPS node to VPSes stopped working. It is working from outside(when proxy_arp is on of course)
Please help me to solve this problem as this is happend first time after so many installations.
Thank you in advance
[Updated on: Mon, 29 December 2008 07:06] Report message to a moderator |
|
|
|
|
|
| Re: IP routing problems to VE after vps node reinstall. [message #34398 is a reply to message #34395] |
Mon, 29 December 2008 15:18  |
pug123
Messages: 22
Registered: July 2008
|
Junior Member |
|
|
Hello Maratrus,
Here are details.
Vpses have IPs from different network. However it has worked on other nodes without problems. All ips are public.
Here are commands:
HN
[root@s06 /]# ip a l
2: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:1b:21:14:ba:6f brd ff:ff:ff:ff:ff:ff
inet 212.48.119.6/24 brd 212.48.119.255 scope global eth0
inet6 fe80::21b:21ff:fe14:ba6f/64 scope link
valid_lft forever preferred_lft forever
1: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
3: tunl0: <NOARP> mtu 1480 qdisc noop
link/ipip 0.0.0.0 brd 0.0.0.0
5: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/void
7: veth4480.0: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue
link/ether 00:18:51:09:23:ea brd ff:ff:ff:ff:ff:ff
[root@s06 /]#
[root@s06 /]# ip rule list
0: from all lookup 255
32766: from all lookup main
32767: from all lookup default
[root@s06 /]#
[root@s06 /]# ip r l table all
212.72.189.248 dev venet0 scope link src 212.48.119.6
212.72.189.249 dev venet0 scope link src 212.48.119.6
212.72.189.250 dev venet0 scope link src 212.48.119.6
212.72.189.244 dev venet0 scope link src 212.48.119.6
212.72.189.245 dev venet0 scope link src 212.48.119.6
212.72.189.246 dev venet0 scope link src 212.48.119.6
212.72.189.247 dev venet0 scope link src 212.48.119.6
212.72.189.242 dev venet0 scope link src 212.48.119.6
212.72.189.243 dev venet0 scope link src 212.48.119.6
212.48.119.0/24 dev eth0 proto kernel scope link src 212.48.119.6
169.254.0.0/16 dev eth0 scope link
default via 212.48.119.1 dev eth0
broadcast 127.255.255.255 dev lo table 255 proto kernel scope link src 127.0.0.1
broadcast 212.48.119.255 dev eth0 table 255 proto kernel scope link src 212.48.119.6
local 212.48.119.6 dev eth0 table 255 proto kernel scope host src 212.48.119.6
broadcast 127.0.0.0 dev lo table 255 proto kernel scope link src 127.0.0.1
broadcast 212.48.119.0 dev eth0 table 255 proto kernel scope link src 212.48.119.6
local 127.0.0.1 dev lo table 255 proto kernel scope host src 127.0.0.1
local 127.0.0.0/8 dev lo table 255 proto kernel scope host src 127.0.0.1
fe80::/64 dev eth0 metric 256 expires 21333704sec mtu 1500 advmss 1440 hoplimit 4294967295
unreachable default dev lo table unspec proto none metric -1 error -101 hoplimit 255
local ::1 via :: dev lo table 255 proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
local fe80::21b:21ff:fe14:ba6f via :: dev lo table 255 proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
ff00::/8 dev eth0 table 255 metric 256 expires 21333704sec mtu 1500 advmss 1440 hoplimit 4294967295
unreachable default dev lo table unspec proto none metric -1 error -101 hoplimit 255
[root@s06 /]#
[root@s06 /]# vzlist -a
CTID NPROC STATUS IP_ADDR HOSTNAME
4480 16 running 212.72.189.242 aaaaa
4490 16 running 212.72.189.247 teeesty
4500 4 running 212.72.189.249 test222
[root@s06 /]#
[Updated on: Mon, 29 December 2008 15:19] Report message to a moderator |
|
|
|
|
|
|
|
) 1 Vote
OpenVZ Forum
Members
Search
Help
Register
Login
Home
