2010/3/15 Marat Stanichenko <[email protected]>: > Hi, > > as far as I understand, your network configuration is based on simple venet0 > interface. > Is that true? I suppose that you are faced with arp-problem but could you > please elaborate > your network configuration a little bit so one can understand what the exact > environment is. > It may be important if you are using several route tables. > "ip a l", "ip route list table all", "ip rule list", "arp -n" would be > enough I suppose. > > Let me give you a hint so that you will be able to cope with the problem by > yourself. > venet0 is working according the following principle. If a remote machine is > willing to communicate > with a VE it send "arp-who has" request. This type of request reaches a HN > and the HN is sending > "arp reply" to the remote machine (that's why "arp -n" output should contain > information about VE). > Then the remote machine sends network packets to the HN but because of the > additional route > (see "ip route list" output) all packets are going inside VE through the HN. > That's the principle of venet0 > interface.
Does this VE->HN happen within the driver/kernel or does each packet for VE go to some user level process in HN and then sent to the VE ? Kindly clarify. --Nirmal > > To catch the problem I recommend you using "tcpdump" utility. > > Stanichenko Marat > ________________________________________ > От: [email protected] [[email protected]] от имени Dragomir > Zhelev [[email protected]] > Отправлено: 15 марта 2010 г. 18:39 > Кому: [email protected] > Тема: [Users] strange network problem > > Hi all :) , > > > The problem is, that as containers are working, the network to someone > or more than one stops. it is not necessary that the container is one > and the same everytime. When I run ping to the container from the host > node, there is no reply.I can enter the container with "vzctl enter > XXX", but the problem stays. > The problem is fixed when I execute ""/sbin/ifdown venet0 && /sbin/ifup > venet0". > Sometimes this doesn't help, because in 1 min, another container could > stop. Sometimes it works normally for day or two without any problems, > but after that it could start happening every 5 mins. > I use the latest version of "centos" which is updated until the last > update available. The kernel is Linux ufo.myhost.com > 2.6.18-164.11.1.el5.028stab068.3 #1 SMP Wed Feb 17 15:22:30 MSK 2010 > x86_64 x86_64 x86_64 GNU/Linux > > > I have iptables rules only in FORWARD filter table and this rules are -j > ACCEPT for traffic counting all other tables and rules are flush and > with -P ACCEPT > > > > Regards. > _______________________________________________ > Users mailing list > [email protected] > https://openvz.org/mailman/listinfo/users > > _______________________________________________ > Users mailing list > [email protected] > https://openvz.org/mailman/listinfo/users > _______________________________________________ Users mailing list [email protected] https://openvz.org/mailman/listinfo/users
