note 1. An LXC container is attached to sx1 10.207.29.12 in a VM as shown
below. Interface enp0s8 is the virtual NIC of the VM. Interface enp0s8 is
a port on OvS sx1.
I can ping the DNS/DHCP server from the VM.
[ubuntu@ol74a-server ~]$ ifconfig enp0s8
enp0s8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::6fa9:356a:157c:f4df prefixlen 64 scopeid 0x20<link>
ether 08:00:27:78:ba:24 txqueuelen 1000 (Ethernet)
RX packets 26 bytes 2660 (2.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 37 bytes 4778 (4.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[ubuntu@ol74a-server ~]$ ifconfig sx1
sx1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1420
inet 10.207.29.12 netmask 255.255.255.0 broadcast 10.207.29.255
inet6 fe80::a00:27ff:fe78:ba24 prefixlen 64 scopeid 0x20<link>
ether 08:00:27:78:ba:24 txqueuelen 0 (Ethernet)
RX packets 34 bytes 4404 (4.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 9 bytes 690 (690.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[ubuntu@ol74a-server ~]$ sudo ovs-vsctl show
1136907e-2980-4387-a939-7ca072762a96
Bridge "sx1"
Port "oel73c11"
Interface "oel73c11"
Port "a3"
Interface "a3"
Port "enp0s8"
Interface "enp0s8"
Port "a1"
Interface "a1"
Port "a2"
Interface "a2"
Port "sx1"
Interface "sx1"
type: internal
note 2: I can ping "olive" the DNS/DHCP server from the VM, I can ssh to
"olive" and there demonstrate that the requisite DNS/DHCP is active and
working:
[ubuntu@ol74a-server ~]$ ping -c 3 olive
PING olive.urdomain1.com (10.207.39.2) 56(84) bytes of data.
64 bytes from olive.urdomain1.com (10.207.39.2): icmp_seq=1 ttl=64
time=2.88 ms
64 bytes from olive.urdomain1.com (10.207.39.2): icmp_seq=2 ttl=64
time=0.440 ms
64 bytes from olive.urdomain1.com (10.207.39.2): icmp_seq=3 ttl=64
time=0.451 ms
--- olive.urdomain1.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.440/1.257/2.882/1.149 ms
[ubuntu@ol74a-server ~]$ ssh olive
ubuntu@olive's password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.13.0-17-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
Last login: Thu Nov 23 23:24:49 2017 from 10.207.39.1
ubuntu@olive:~$ service isc-dhcp-server status
Failed to connect to bus: No such file or directory
Failed to connect to bus: No such file or directory
ubuntu@olive:~$ sudo service isc-dhcp-server status
[sudo] password for ubuntu:
● isc-dhcp-server.service - ISC DHCP IPv4 server
Loaded: loaded (/lib/systemd/system/isc-dhcp-server.service; enabled;
vendor preset: enabled)
Active: active (running) since Thu 2017-11-23 23:43:09 UTC; 7min ago
Docs: man:dhcpd(8)
Main PID: 187 (dhcpd)
CGroup: /system.slice/isc-dhcp-server.service
└─187 dhcpd -user dhcpd -group dhcpd -f -4 -pf
/run/dhcp-server/dhcpd.pid -cf /etc/dhcp/dhcpd.conf eth0 eth1
Nov 23 23:44:22 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05
(oel73c11) via eth1
Nov 23 23:44:22 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to
00:16:3e:99:78:05 (oel73c11) via eth1
Nov 23 23:44:34 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05
(oel73c11) via eth1
Nov 23 23:44:34 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to
00:16:3e:99:78:05 (oel73c11) via eth1
Nov 23 23:44:48 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05
(oel73c11) via eth1
Nov 23 23:44:48 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to
00:16:3e:99:78:05 (oel73c11) via eth1
Nov 23 23:44:59 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05
(oel73c11) via eth1
Nov 23 23:44:59 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to
00:16:3e:99:78:05 (oel73c11) via eth1
Nov 23 23:45:08 olive dhcpd[187]: DHCPDISCOVER from 00:16:3e:99:78:05
(oel73c11) via eth1
Nov 23 23:45:08 olive dhcpd[187]: DHCPOFFER on 10.207.29.13 to
00:16:3e:99:78:05 (oel73c11) via eth1
ubuntu@olive:~$ sudo service bind9 status
● bind9.service - BIND Domain Name Server
Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor
preset: enabled)
Drop-In: /run/systemd/generator/bind9.service.d
└─50-insserv.conf-$named.conf
Active: active (running) since Thu 2017-11-23 23:43:09 UTC; 7min ago
Docs: man:named(8)
Main PID: 185 (named)
CGroup: /system.slice/bind9.service
└─185 /usr/sbin/named -f -u bind
Nov 23 23:43:09 olive named[185]: zone 27.172.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: zone 22.172.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: zone urdomain2.com/IN: loaded serial
1610212002
Nov 23 23:43:09 olive named[185]: zone 20.172.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: zone 127.in-addr.arpa/IN: loaded serial 1
Nov 23 23:43:09 olive named[185]: zone 21.172.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: zone 168.192.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: zone 24.172.in-addr.arpa/IN: loaded
serial 1
Nov 23 23:43:09 olive named[185]: all zones loaded
Nov 23 23:43:09 olive named[185]: running
ubuntu@olive:~$ exit
logout
Connection to olive closed.
[ubuntu@ol74a-server ~]$ nslookup ol74a-server
Server: 10.207.29.2
Address: 10.207.29.2#53
Name: ol74a-server.urdomain1.com
Address: 10.207.39.12
[ubuntu@ol74a-server ~]$
note 3: In summary, a container "olive" provides containerized DNS/DHCP
services, and the VM can successfully use those DNS/DHCP services.
note 4: Now I start LXC container "oel73c11" on OvS sx1 but I have no
connectivity to the 10.207.29.x network. I get
[root@oel73c11 /]# ping 10.207.29.2
connect: Network is unreachable
When I trace packets with dhcpdump on the physical host I get nothing if
only eth0 on sx1 is started in the oel73c11 container, but if set eth0 in
oel73c11 container to start on the default lxcbr0 (which can reach
10.207.29.2 olive) now I get a DHCPNAK message as shown below.
ubuntu@athens:~$ sudo dhcpdump -i sx1
TIME: 2017-11-23 18:02:19.534
IP: 0.0.0.0 (0:16:3e:99:78:8) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
OP: 1 (BOOTPREQUEST)
HTYPE: 1 (Ethernet)
HLEN: 6
HOPS: 0
XID: 41de231b
SECS: 0
FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: 00:16:3e:99:78:08:00:00:00:00:00:00:00:00:00:00
SNAME: .
FNAME: .
OPTION: 53 ( 1) DHCP message type 3 (DHCPREQUEST)
OPTION: 50 ( 4) Request IP address 10.42.147.244
OPTION: 12 ( 8) Host name oel73c11
OPTION: 55 ( 13) Parameter Request List 1 (Subnet mask)
28 (Broadcast address)
2 (Time offset)
121 (Classless Static Route)
15 (Domainname)
6 (DNS server)
12 (Host name)
40 (NIS domain)
41 (NIS servers)
42 (NTP servers)
26 (Interface MTU)
119 (Domain Search)
3 (Routers)
---------------------------------------------------------------------------
TIME: 2017-11-23 18:02:19.534
IP: 10.207.29.2 (0:16:3e:ce:de:26) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
OP: 2 (BOOTPREPLY)
HTYPE: 1 (Ethernet)
HLEN: 6
HOPS: 0
XID: 41de231b
SECS: 0
FLAGS: 7f80
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: 00:16:3e:99:78:08:00:00:00:00:00:00:00:00:00:00
SNAME: .
FNAME: .
OPTION: 53 ( 1) DHCP message type 6 (DHCPNAK)
OPTION: 54 ( 4) Server identifier 10.207.29.2
OPTION: 56 ( 31) Message requested address not available
---------------------------------------------------------------------------
TIME: 2017-11-23 18:02:19.534
IP: 0.0.0.0 (0:16:3e:99:78:8) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
OP: 1 (BOOTPREQUEST)
HTYPE: 1 (Ethernet)
HLEN: 6
HOPS: 0
XID: 3e62b47c
SECS: 0
FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: 00:16:3e:99:78:08:00:00:00:00:00:00:00:00:00:00
SNAME: .
FNAME: .
OPTION: 53 ( 1) DHCP message type 1 (DHCPDISCOVER)
OPTION: 12 ( 8) Host name oel73c11
OPTION: 55 ( 13) Parameter Request List 1 (Subnet mask)
28 (Broadcast address)
2 (Time offset)
121 (Classless Static Route)
15 (Domainname)
6 (DNS server)
12 (Host name)
40 (NIS domain)
41 (NIS servers)
42 (NTP servers)
26 (Interface MTU)
119 (Domain Search)
3 (Routers)
---------------------------------------------------------------------------
Are there any additional settings needed to get DHCP to work from an LXC
container going through a VM to the physical host where the DNS/DHCP is
running?
container--> sx1 on VM --> sx1 on Phys Host --> olivex port on sx1 --> olive
Thanks,
--
Gilbert Standen
Creator Orabuntu-LXC
914-261-4594
[email protected]
_______________________________________________
discuss mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
