OpenVZ Forum

Home » General » Support » How to pair veth devices between containers, not between container/host (Sharing network directly between containers)
How to pair veth devices between containers, not between container/host [message #53276] Mon, 06 August 2018 03:07 Go to previous message
Messages: 2
Registered: February 2014
Junior Member
From: 128.12.246*
I'm using OpenVZ 7 (with the 3.10 patched kernel and criu) - although my question also applies to OpenVZ 6 legacy (2.6.32 based kernel).

Reading over the documentation (and some support articles) on using veth, I mostly see the result of pairing a veth device between an individual container and the host. That is, the process creates a veth in the container, and another veth on the host. Other scenarios, like bridging, also involve a network interface on the host.

However, what I'd like to do is to share a veth (or venet, perhaps) device between two individual containers in such a way that the host is not ultimately involved or part of the picture. My goal can be stated figuratively as running a cable directly between two (or more) containers. In VMware, I can create a virtual network and assign various guests to use this network. In Qubes OS, one can use an existing VM to provide networking for derivative VMs.

When I attempt to do this using the information I've come across as a guideline, the process seems to involve creation of a veth device on the host. I don't mind this happening as a byproduct. But, I'd like to share veth devices between two separate containers. When I attempt to reference the same veth from two containers, then upon starting the second container, the first veth device "disappears" from the first container.

My use case includes the case where a container provides internet access by connecting to an external VPN server, and I want to let other containers "use" the connection provided by the VPN container. If I have a raw veth device, I can use local Linux networking to route traffic. But without a veth device paired between containers, I don't have a clear solution here. A small and desired extension to this would be to have more than one container share a veth (or venet) with a container - more than two in the pairing, that is.
Read Message
Read Message
Previous Topic: OpenVZ Container(centos7) cannot access internet
Next Topic: OpenVZ7 and HP smart array p400
Goto Forum:

Current Time: Tue Aug 21 05:42:34 GMT 2018