Your message dated Mon, 25 Sep 2006 22:47:11 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#387762: fixed in vzctl 3.0.10-4
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: vzctl
Version: 3.0.10-3
Severity: grave
(Sorry and thankful in advance this time ;) It is a long bug report.)
I am now running a second setup of etch with OpenVZ. However, this
setup has more than one public IP address. One IP is assigned to the
host system and each additional IP is assigned to its own vps. I used
the vanilla source 2.6.16 + OpenVZ patch and did configure the kernel
by hand.
I encountered a problem:
On a regular debian system
/proc/sys/net/ipv4/conf/eth0/proxy_arp is set to 0.
If this is the case
ip neigh add proxy <publicIP> dev eth0
(taken from /usr/lib/vzctl/scripts/vps-functions ~line 111)
has absolutely no effect! (But does not drop an error msg either!)
By "no effect" I mean that I am unable to access the vps with its
public IP from anywhere except from the host system because arp
requests for the public IP of the vps are not answered.
After I had determined where the problem was, I and did a rather ugly
workaround by editing /usr/lib/vzctl/scripts/vps-functions:
function vzarp()
{
local DEV
[ -z "${NETDEVICES}" ] && vzwarning "Device list is empty"
for DEV in $NETDEVICES; do
sysctl -w net.ipv4.conf.$DEV.proxy_arp=1
${IP_CMD} neigh $1 proxy $2 dev $DEV > /dev/null 2>&1
done
}
It works - but sysctl is executed on every single vps start (and
stop?). In addition to those repeated executes of sysctl it might not
be the greatest idea to add arp proxy support for private IPs to every
local net device. What does the VE_ROUTE_SRC_DEV="eth0" value in
/etc/vz/vz.conf exactly do btw? Maybe one(tm) could add a similar item
which overrides $NETDEVICES filled by function vzgetnetdev() in
/usr/lib/vzctl/scripts/vps-functions.
There are other values I found flying around in connection with OpenVZ:
net.ipv4.ip_forward = 1 (can be manually set via /etc/network/options)
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
(net.ipv4.tcp_ecn = 0)
One value (in my case net.ipv4.conf.venet0.send_redirects = 0) is set
in /etc/init.d/vz in line 165. What about the other values? Shouldn't
they be checked/set?
This one really took me some time (and not just the report) ... :-/
--- End Message ---
--- Begin Message ---
Source: vzctl
Source-Version: 3.0.10-4
We believe that the bug you reported is fixed in the latest version of
vzctl, which is due to be installed in the Debian FTP archive:
vzctl_3.0.10-4.diff.gz
to pool/main/v/vzctl/vzctl_3.0.10-4.diff.gz
vzctl_3.0.10-4.dsc
to pool/main/v/vzctl/vzctl_3.0.10-4.dsc
vzctl_3.0.10-4_i386.deb
to pool/main/v/vzctl/vzctl_3.0.10-4_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ola Lundqvist <[EMAIL PROTECTED]> (supplier of updated vzctl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 26 Sep 2006 07:31:58 +0200
Source: vzctl
Binary: vzctl
Architecture: source i386
Version: 3.0.10-4
Distribution: unstable
Urgency: low
Maintainer: Ola Lundqvist <[EMAIL PROTECTED]>
Changed-By: Ola Lundqvist <[EMAIL PROTECTED]>
Description:
vzctl - server virtualization solution - control tools
Closes: 387417 387762
Changes:
vzctl (3.0.10-4) unstable; urgency=low
.
* Warning and documentation for proxy_arp issue, closes: #387762.
* Added dependency on iproute package, closes: #387417.
Files:
b221a53ee3337e7cc76c7a86a69d3dea 554 admin optional vzctl_3.0.10-4.dsc
2827f323a69ec47ab4daf995504ee6f3 4293 admin optional vzctl_3.0.10-4.diff.gz
0d7f51b797c3a424d7ceeb18cef0a6ce 157234 admin optional vzctl_3.0.10-4_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFGLv6GKGxzw/lPdkRAgouAJ9d3L/uIZhuOXYLrYSZ8Nh7t1ANDwCfQFOk
JLeoiIV7+vaHO7O+vYUCfBk=
=0JfS
-----END PGP SIGNATURE-----
--- End Message ---
