OpenVZ Forum

Home » General » Support » Confused with network interfaces...
Confused with network interfaces... [message #49769] Fri, 14 June 2013 18:50 Go to next message
Simson is currently offline  Simson
Messages: 2
Registered: June 2013
Junior Member
Hi OpenVZ-community,
I have problem with understanding network-interfaces and routing in openvz-container. Maybe someone could help me...

First of all, I do not know anything about openvz, I just have one VPS which happen to be openvz-container, so please be patient with me. My problem is, "ifconfig" says I have 3 network interfaces (while I think I should have only 2):

venet0:1 my.real.public.ip

There is apparently a lot of traffic (nearly all) going through "venet0", but I do not know where to use it in my iptables-rules. But it has the same IP as loopback-interface.

Normally, for loopback traffic I would use:
iptables -A INPUT -p all -i lo -j ACCEPT

Is this correct? Or should I use:
iptables -A INPUT -p all -i venet0 -j ACCEPT

Or both "lo" and "venet0" for loopback-traffic rules?

And what about non-local traffic, which interface is it passing through? Normally I would use:
iptables -A INPUT -p all -i eth0 ...

Which interface should I use now? venet0 or venet0:1?

And what about the third network-interface? Do I have to include it in iptables-rules too? What kind of traffic is going through it, local (like loopback/lo) or non-local (like eth0)?
Re: Confused with network interfaces... [message #49781 is a reply to message #49769] Sun, 16 June 2013 03:44 Go to previous messageGo to next message
Dagbar is currently offline  Dagbar
Messages: 1
Registered: June 2013
Junior Member
I'm glad I found this thread. I too am new to OpenVZ and venet. I'm posting here in the hope that you'll get a response I too can learn from.
Re: Confused with network interfaces... [message #49782 is a reply to message #49769] Sun, 16 June 2013 11:10 Go to previous message
Messages: 302
Registered: August 2009
Senior Member
use venet0 as you would use eth0, don't be confused as it has ip.
Previous Topic: Same IP address on multiple containers
Next Topic: Iptables connlimit rule does nothing inside CT
Goto Forum:

Current Time: Sun Jul 14 04:27:38 GMT 2024

Total time taken to generate the page: 0.02172 seconds