OpenVZ Forum: Support » Dual veth interfaces

Home » General » Support » Dual veth interfaces

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Dual veth interfaces [message #4604]

Mon, 17 July 2006 19:20

foxxfiles
Messages: 12
Registered: July 2006

Junior Member

HI.
I have a problem.

I need configure some VPS on a Host Server with 2 interfaces.

Iam try with NAT but i dont know how not work.

Now iam compile with kernel 2.6.16 with ovz patch with the veth support.

I need all VPSs have can see 2 networks with 2 veth devices. But only can see the interface with the defualt gw according with

http://wiki.openvz.org/Virtual_Ethernet_device

But i cant see the other network on second veth interface.

this is the schema:

200.25.123.2eth0-host<---->200.25.123.2veth101.0-eth0-vps
192.168.156.33eth1-veth101.1-vps<----->192.168.156.1eth1

Fernando.

Report message to a moderator

Re: Dual veth interfaces [message #4613 is a reply to message #4604]

Tue, 18 July 2006 08:57

Andrey Mirkin
Messages: 193
Registered: May 2006

Senior Member

As I understand you have 2 network interfaces (eth0 and eth1) on host node, which are connected to different network segments (outside network and virtual subnetwork 192.168.156.0). And you need to configure 2 veth devices to be able to reach these network segments.

Besides steps from http://wiki.openvz.org/Virtual_Ethernet_device you need to add routes inside VPS:

[vps]# ip ro add 192.168.156.0/24 dev eth1
[vps]# ip ro add default dev eth0

Also you will need to add NAT rule to iptables on host node:

[host-node]# iptables -t nat -A POSTROUTING -s 192.168.156.0/24 --out-interface eth0 -j SNAT --to-source 200.25.123.2

Andrey Mirkin

http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

Re: Dual veth interfaces [message #4615 is a reply to message #4604]

Tue, 18 July 2006 09:49

AngelMC
Messages: 2
Registered: July 2006

Junior Member

foxxfiles wrote on Mon, 17 July 2006 15:20

HI.
Iam try with NAT but i dont know how not work.

I think that your problem is NAT routing.

Report message to a moderator

Re: Dual veth interfaces [message #4622 is a reply to message #4613]

Tue, 18 July 2006 17:43

foxxfiles
Messages: 12
Registered: July 2006

Junior Member

Hi.

The logic is this you say. but i dont know where i am fail.

look.

host-node# ifconfig veth101.0 0
host-node# ifconfig veth101.1 0
host-node# echo 1 > /proc/sys/net/ipv4/conf/veth101.0/forwarding
host-node# echo 1 > /proc/sys/net/ipv4/conf/veth101.0/proxy_arp
host-node# echo 1 > /proc/sys/net/ipv4/conf/veth101.1/forwarding
host-node# echo 1 > /proc/sys/net/ipv4/conf/veth101.1/proxy_arp
host-node# echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding
host-node# echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
host-node# echo 1 > /proc/sys/net/ipv4/conf/eth1/forwarding
host-node# echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp

test-vps# /sbin/ifconfig eth0 0
test-vps# /sbin/ifconfig eth1 0
test-vps# /sbin/ip addr add 200.25.96.2 dev eth0
test-vps# /sbin/ip addr add 192.168.156.252 dev eth1
test-vps# /sbin/ip ro add 192.168.156.0/24 dev eth1
test-vps# /sbin/ip route add default dev eth0

host-node# /sbin/ip route add 192.168.156.252 dev veth101.1
host-node# /sbin/ip route add 200.25.96.2 dev veth101.0

After This on other host 2 interfaces with communication on 2 Networks.

fox@otherhost:~$ ping 192.168.156.252
PING 192.168.156.252 (192.168.156.252) 56(84) bytes of data.
From 192.168.156.5 icmp_seq=2 Destination Host Unreachable
From 192.168.156.5 icmp_seq=3 Destination Host Unreachable
From 192.168.156.5 icmp_seq=4 Destination Host Unreachable

--- 192.168.156.252 ping statistics ---
6 packets transmitted, 0 received, +3 errors, 100% packet loss, time 5010ms
, pipe 3

fox@otherhost:~$ ping 200.25.96.2
PING 200.25.96.2 (200.25.96.2) 56(84) bytes of data.
64 bytes from 200.25.96.2: icmp_seq=1 ttl=64 time=0.045 ms
64 bytes from 200.25.96.2: icmp_seq=2 ttl=64 time=0.035 ms

--- 2200.25.96.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.035/0.040/0.045/0.005 ms

Only work the interface with the default gw on VPS.
Iam omit some step?
Howto make Work this.

Fernando

Report message to a moderator

Re: Dual veth interfaces [message #4627 is a reply to message #4622]

Wed, 19 July 2006 08:41

Andrey Mirkin
Messages: 193
Registered: May 2006

Senior Member

Do you have routes for 192.168.156.0 subnetwork on "otherhost" node? What network interfaces do you have on "otherhost"? What IP addresses are assigned to network interfaces on "otherhost"?
Can you post here routes list on "host-node" and "otherhost".

Andrey Mirkin

Report message to a moderator

Re: Dual veth interfaces [message #4636 is a reply to message #4622]

Wed, 19 July 2006 21:02

foxxfiles
Messages: 12
Registered: July 2006

Junior Member

This is ethernet Configuration of the enviroment

200.25.96.7-eth0-otherhost-eth1-192.168.156.6
200.25.96.3-eth0-host-node-eth1-192.168.156.5
200.25.96.2-eth0-test-vps-eth1-192.168.156.252

-----------------------------------------------------

host-node:/home/fox# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface

200.25.96.2 * 255.255.255.255 UH 0 0 0 veth101.0
192.168.156.252 * 255.255.255.255 UH 0 0 0 veth101.1 1
localnet * 255.255.255.240 U 0 0 0 eth0
192.168.156.0 * 255.255.255.0 U 0 0 0 eth1
default gw.somedomain.com 0.0.0.0 UG 0 0 0 eth0
host-node:/home/fox#

------------------------------------------------------------ -----

test-vps:/# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
191.255.255.1 * 255.255.255.255 UH 0 0 0 venet0
192.168.156.0 * 255.255.255.0 U 0 0 0 eth1
default * 0.0.0.0 U 0 0 0 eth0
test-vps:/#

------------------------------------------------------------ -----
otherhost:/home/fox# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
localnet * 255.255.255.240 U 0 0 0 eth0
192.168.156.0 * 255.255.255.0 U 0 0 0 eth1
default gw.somedomain.com 0.0.0.0 UG 0 0 0 eth0
otherhost:/home/fox#

------------------------------------------------------------ ---

Fernando

Report message to a moderator

Re: Dual veth interfaces [message #4667 is a reply to message #4636]

Fri, 21 July 2006 08:36

Andrey Mirkin
Messages: 193
Registered: May 2006

Senior Member

Does otherhost-eth1 connected directly to host-node-eth1?

Please check with help of tcpdump that ICMP packets (ping) from otherhost reach interfaces host-node-eth1 and host-node-veth101.1.

Andrey Mirkin

Report message to a moderator

Re: Dual veth interfaces [message #4692 is a reply to message #4667]

Fri, 21 July 2006 19:50

foxxfiles
Messages: 12
Registered: July 2006

Junior Member

Yes the eth1-host-node and eth1-otherhost connected to a swiche.
and recibe ping.

from host-node ping to test-vps and recibe this :

fox@host-node:~$ ping 192.168.156.252
PING 192.168.156.252 (192.168.156.252) 56(84) bytes of data.
From 200.25.96.3 icmp_seq=2 Destination Host Unreachable
From 200.25.96.3 icmp_seq=3 Destination Host Unreachable
From 200.25.96.3 icmp_seq=4 Destination Host Unreachable
From 200.25.96.3 icmp_seq=6 Destination Host Unreachable
From 200.25.96.3 icmp_seq=7 Destination Host Unreachable
From 200.25.96.3 icmp_seq=8 Destination Host Unreachable
From 200.25.96.3 icmp_seq=10 Destination Host Unreachable
From 200.25.96.3 icmp_seq=11 Destination Host Unreachable
From 200.25.96.3 icmp_seq=12 Destination Host Unreachable
From 200.25.96.3 icmp_seq=14 Destination Host Unreachable
From 200.25.96.3 icmp_seq=15 Destination Host Unreachable
From 200.25.96.3 icmp_seq=16 Destination Host Unreachable

--- 192.168.156.252 ping statistics ---
18 packets transmitted, 0 received, +12 errors, 100% packet loss, time 16999ms
, pipe 3
fox@host-node:~$

------------------------------------------------------------ --
Tcpdump report trafic only on lo device

14:47:05.692075 IP host-node.somedomain.com> host-node.somedomain.com: icmp 64: echo request seq 163
14:47:05.692100 IP host-node.somedomain.com > host-node.somedomain.com: icmp 64: echo reply seq 163
14:47:06.691569 IP host-node.somedomain.com > host-node.somedomain.com: icmp 64: echo request seq 164
14:47:06.691591 IP host-node.somedomain.com > host-node.somedomain.com: icmp 64: echo reply seq 164
14:47:05.692075 IP host-node.somedomain.com > host-node.somedomain.com: icmp 64: echo request seq 163
14:47:05.692100 IP host-node.somedomain.com > host-node.somedomain.com: icmp 64: echo reply seq 163
14:47:06.691569 IP host-node.somedomain.com > host-node.somedomain.com: icmp 64: echo request seq 164
14:47:06.691591 IP host-node.somedomain.com > host-node.somedomain.com: icmp 64: echo reply seq 164

Any Idea?

Report message to a moderator

Re: Dual veth interfaces [message #4750 is a reply to message #4692]

Tue, 25 July 2006 12:16

Andrey Mirkin
Messages: 193
Registered: May 2006

Senior Member

I'm sorry for not answering so long.

Just assign IPs to veth devices in VE0.
To veth101.0 you must assign IP from 200.25.96.0 network.
To veth101.1 you must assign IP from 192.168.156.0 network.

Andrey Mirkin

Report message to a moderator