 How to report networking-related problems [message #27545] |
Tue, 19 February 2008 11:16  |
xemul
Messages: 248
Registered: November 2005
|
Senior Member |
|
|
When you have some problems with networking and going to report it here, most likely we will need to know three things:
- Routing rules
- Netfilter configuration
- Packets paths
Routing rules can be obtained by the ip rule list command. If the problem concerns VEs, then we need both HN and VE routing rules. Routing tables can be dumped altogether via ip route list table all.
Netfilter configuration is discovered by the iptables -t nat -L && iptables -t filter -L && iptables -t mangle -L command. BTW, in many cases network traffic doesn't leave/enter the HN due to bad netfilter configuration, so flushing the rules with iptables -F may help.
You need to understand how the packet goes and whether this path is correct from your point of view. This applies to both, incoming and outgoing traffic.
Packet paths can be observed via the tcpdump tool. In most of the cases you should launch the tcpdump -i <if> -e host <ip>, where the <if> is the interface name you're experience problems with and the <ip> is the IP address relevant to you traffic (e.g. if you can't ping kernel.org, then the <ip> is the kernel.org's IP).
For a generic case of venet VE outgoing packet should flow via VE's venet0 interface, VE0 venet0 interface and ethN in the HN.
So, you should observe the packet on each interface above. Incoming packets fly in the reversed order and you also should observe them there.
In case veth device is used packets also pass bridge interfaces in VE0.
With this information provided, the problem can at least be tried to be solved.
Thanks.
[Updated on: Wed, 20 February 2008 08:58] Report message to a moderator |
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
