OpenVZ Forum


Home » Mailing lists » Users » Dual networks. Routing issue?
Dual networks. Routing issue? [message #43364] Wed, 31 August 2011 08:02 Go to next message
Einar S. Ids is currently offline  Einar S. Ids
Messages: 6
Registered: August 2011
Junior Member
From: *parallels.com
Hi,

We currently run a setup with a number of nodes. All of them are
connected to two different networks: Frontend ("the internet") and
backend (10.0.0.x). These two networks are connected to via separate
switches from separate ethernet ports. In this setup, all nodes can
communicate with eachother via both the frontend and backend. All
virtual hosts have IPs in the frontend-range, and can communicate with
eachother. However, I would like some of the virtual hosts to also be
able to communicate via the backend network, but so far I have been
unable to make this work.

I have tried to run vzctl with --ipadd 10.0.0.x. Upon entering the
virtual host, I see that ifconfig correctly reports venet0:1 with the
given IP (venet0:0 has the frontend IP). Trying to ping back and forth
between hosts and nodes on the backend network, this is what I've
found:
1. Virtual hosts can ping their local node. This is regardless of
whether the virtual host has had an IP in the backend network added.
2. Virtual hosts can ping other virtual hosts on the local node.
Similarly to (1), the pinging host does not need to have an IP on the
backend network.
3. Virtual hosts can not ping non-local nodes or non-local virtual hosts.
4. Nodes can ping non-local virtual hosts.

(Please recall that the frontend network works flawlessly.These issues
only concern the backend.)

My guess is that this is a routing issue, but to be honest I don't
know enough about routing to work out what's needed. Here's the output
from route on a node with two virtual hsots (I've masked the frontend
IP range as 9.9.9.x):

# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
9.9.9.173 0.0.0.0 255.255.255.255 UH 0 0 0 venet0
10.0.0.179 0.0.0.0 255.255.255.255 UH 0 0 0 venet0
10.0.0.173 0.0.0.0 255.255.255.255 UH 0 0 0 venet0
9.9.9.179 0.0.0.0 255.255.255.255 UH 0 0 0 venet0
9.9.9.128 0.0.0.0 255.255.255.192 U 0 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 9.9.9.129 0.0.0.0 UG 0 0 0 eth0

The node IP is 9.9.9.138/10.0.0.138. The two virtual hosts are
9.9.9.179/10.0.0.179 and 9.9.9.173/10.0.0.173.

Here's the same output from the virtual host on x.x.x.179:
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 venet0
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 venet0

Can anyone advice?

Cheers,
Einar
RE: Dual networks. Routing issue? [message #43365 is a reply to message #43364] Wed, 31 August 2011 08:14 Go to previous messageGo to next message
CM [Sprintserve.net] is currently offline  CM [Sprintserve.net]
Messages: 2
Registered: August 2011
Junior Member
From: *parallels.com
-----Original Message-----
From: users-bounces@openvz.org [mailto:users-bounces@openvz.org] On Behalf
Of Einar S. Idsø
Sent: Wednesday, 31 August, 2011 4:02 PM
To: users@openvz.org
Subject: [Users] Dual networks. Routing issue?

Hi,

<snip>
Here's the same output from the virtual host on x.x.x.179:
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0
venet0
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0
venet0

Can anyone advice?

================

You need to add a route on the virtual host using the private IP as the
gateway:

i.e using your example

On the 1st VPS:

route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.179

On the 2nd VPS:

route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.173


Best Regards,
CM Ho
Re: Dual networks. Routing issue? [message #43366 is a reply to message #43365] Wed, 31 August 2011 08:36 Go to previous message
Einar S. Ids is currently offline  Einar S. Ids
Messages: 6
Registered: August 2011
Junior Member
From: *parallels.com
On Wed, Aug 31, 2011 at 10:14 AM, CM [Sprintserve.net]
<silver@sprintserve.net> wrote:
> You need to add a route on the virtual host using the private IP as the
> gateway:
>
> i.e using your example
>
> On the 1st VPS:
>
> route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.179
>
> On the 2nd VPS:
>
> route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.173
>
>
> Best Regards,
> CM Ho

Wow... I knew it had to be easy, but not that it was that easy! Thank
you so much, that did the trick! :)

Any chance I could ask you to please explain to me why this was needed
for the backend network but not for the frontend? I am a bit confused
as to the difference here.

Cheers,
Einar
Previous Topic: Kernel branches status change (stable: RHEL6, frozen: 2.6.27, 2.6.32, devel: none)
Next Topic: fuse filesystem inside a container?
Goto Forum:
  


Current Time: Sun Dec 08 01:15:44 GMT 2019