OpenVZ Forum


Home » General » Support » No Network Connection using Precreated Templates: centos-7-x86_64-minimal, fedora-22-x86_64 (This worked in the past for CentOS 7 minimal, and networking does work at CentOS 7 (not minimal))
No Network Connection using Precreated Templates: centos-7-x86_64-minimal, fedora-22-x86_64 [message #52137] Wed, 12 August 2015 01:17 Go to next message
i2internet is currently offline  i2internet
Messages: 2
Registered: August 2015
Location: USA
Junior Member
From: *west.biz.rr.com
This worked in the past for CentOS 7 minimal, and networking does work at CentOS 7 (not minimal)

We have created quite a few CentOS 7 containers in the past using the CentOS 7 minimal template available at the time and there was never any issue pinging a device in the outside world from the container, nor in pinging the container itself.

After container creation, when entering containers created using the latest templates for CentOS 7 minimal, and Fedora 22, we are not able to Ping the outside world, nor Ping the container itself. What has changed, and/or what can we do to activate networking on fresh installs of these operating systems?

In contrast, the latest CentOS 7 template (not minimal) works as expected with respect to networking upon container creation.

---

[root@w61 /]# ip route list table all
169.254.0.0/16 dev venet0 scope link metric 1002
default dev venet0 scope link
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev venet0 table local proto kernel scope host src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
unreachable ::/96 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 0
unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 0
unreachable 2002:a00::/24 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 0
unreachable 2002:7f00::/24 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 0
unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 0
unreachable 2002:ac10::/28 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 0
unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 0
unreachable 2002:e000::/19 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 0
unreachable 3ffe:ffff::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 0
default dev venet0 metric 1 mtu 1500 advmss 1440 hoplimit 0
unreachable default dev lo table unspec proto kernel metric 4294967295 error -101 hoplimit 255
local ::1 via :: dev lo table local proto none metric 0 mtu 16436 advmss 16376 hoplimit 0
unreachable default dev lo table unspec proto kernel metric 4294967295 error -101 hoplimit 255
[root@w61 /]# iptables -t nat -L && iptables -t filter -L && iptables -t mangle -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
[root@w61 /]# tcpdump -i venet0 -e host 192.99.110.61
-bash: tcpdump: command not found


Kevin JT Binder
i2 Internet Incorporated
www.i2internet.com

[Updated on: Wed, 12 August 2015 18:46]

Report message to a moderator

Re: No Network Connection using Precreated Templates: centos-7-x86_64-minimal, fedora-22-x86_64 [message #52139 is a reply to message #52137] Fri, 14 August 2015 13:35 Go to previous messageGo to next message
curx
Messages: 739
Registered: February 2006
Location: N├╝rnberg, Germany
Senior Member

From: *dip0.t-ipconnect.de
do have configured you container network?
Actually you have only a zeroconf net in this ct, see "route 169.254.0.0/16 dev venet0 scope link metric 1002"

-thorsten
SOLVED for CentOS 7 w/vzctl v4.9 -- Re: No Network Connection w/Templates: centos-7 min, fedora-22 [message #52140 is a reply to message #52139] Fri, 14 August 2015 18:17 Go to previous message
i2internet is currently offline  i2internet
Messages: 2
Registered: August 2015
Location: USA
Junior Member
From: *hfc.comcastbusiness.net
Thank you, Thorsten, for the followup. Your inquiry prompted further investigation which led to a solution as described below.

It turns out that there is a bug at vzctl version 4.8 which is resolved at vzctl version 4.9 as described here:

bugs.openvz.org/browse/OVZ-6213

The following two posts are what led me to discover the bug:

lists.openvz.org/pipermail/users/2015-March/006121.html
forum.openvz.org/index.php?t=msg&goto=51927&S=fe9d7a a769a04310e3433dd08662ab1e


WHAT'S BELOW APPLIES TO CENTOS 7 (but not FEDORA 22 per se):

I found that I could activate networking by calling either of the following two commands after container boot:

ip addr add 192.99.88.77 dev venet0

- or -

ifup ifcfg-venet0:0 (for CENTOS 7)

(Using either of the two above commands seemed to work for CentOS 7; whereas using just the command at bottom without ":0" for Fedora 22 seemed to work.)

With vzctl version 4.8 I was running, on reboot, networking went away. After upgrading vzctl to version 4.9 (4.9.3) I found that it was no longer necessary to call either of the above commands.

This apparently had something to do with the ARPCHECK setting. The workaround for vzctl 4.8 apparently was to set ARPCHECK to "no".

Though I don't know for certain, I expect all of the above has something to do with the following output that is shown when starting up OpenVZ containers such as this at this particular datacenter:

Adding IP address(es): 192.99.88.77
arpsend: 192.99.88.77 is detected on another computer : 00:ff:ff:ff:ff:ff
vps-net_add WARNING: arpsend -c 1 -w 1 -D -e 192.99.88.77 eth0 FAILED

Using version 4.9.3, I have confirmed that no manual steps are needed to activate networking when starting up the OpenVZ CentOS 7 minimal.


WHAT'S BELOW APPLIES TO FEDORA 22:

I've seen some similar behavior with the Fedora 22 template, but to manually activate networking the following (without ":0") seemed to work:

ifup ifcfg-venet0 (for FEDORA 22)

Note that for Fedora 22, simply updating vzctl to version 4.9 did not seem to resolve the issue seen here: networking does not appear to become active until the command shown immediately above is run, even when using version 4.9.3 of vzctl.

At present, then, I still need a solution which does not require manual calling of "ifup ifcfg-venet0" after reboot. Any suggestions? Introduce a script that calls this at startup, or something better?


Kevin JT Binder
i2 Internet Incorporated
www.i2internet.com

[Updated on: Fri, 14 August 2015 19:58]

Report message to a moderator

Previous Topic: Coud not start conteners form openvz 2.4.42 Centos6.1 to virtuozzo 3.10 CentOS 7.1
Next Topic: Using OpenVPN to access containers in OpenVZ host
Goto Forum:
  


Current Time: Fri Oct 18 23:37:06 GMT 2019