Nirmal Guhan wrote on 25.06.2010 20:40:
2010/3/15 Marat Stanichenko <[email protected]>:
Hi,
as far as I understand, your network configuration is based on simple venet0
interface.
Is that true? I suppose that you are faced with arp-problem but could you
please elaborate
your network configuration a little bit so one can understand what the exact
environment is.
It may be important if you are using several route tables.
"ip a l", "ip route list table all", "ip rule list", "arp -n" would be enough
I suppose.
Let me give you a hint so that you will be able to cope with the problem by
yourself.
venet0 is working according the following principle. If a remote machine is
willing to communicate
with a VE it send "arp-who has" request. This type of request reaches a HN and
the HN is sending
"arp reply" to the remote machine (that's why "arp -n" output should contain
information about VE).
Then the remote machine sends network packets to the HN but because of the
additional route
(see "ip route list" output) all packets are going inside VE through the HN.
That's the principle of venet0
interface.
Does this VE->HN happen within the driver/kernel or does each packet
for VE go to some user level process in HN and then sent to the VE ?
Kindly clarify.
--Nirmal
There is NO user level process on the HN that receives VE's packets.
Everything processed inside the kernel.
-- Stanichenko Marat
To catch the problem I recommend you using "tcpdump" utility.
Stanichenko Marat
________________________________________
От: [email protected] [[email protected]] от имени Dragomir
Zhelev [[email protected]]
Отправлено: 15 марта 2010 г. 18:39
Кому: [email protected]
Тема: [Users] strange network problem
Hi all :) ,
The problem is, that as containers are working, the network to someone
or more than one stops. it is not necessary that the container is one
and the same everytime. When I run ping to the container from the host
node, there is no reply.I can enter the container with "vzctl enter
XXX", but the problem stays.
The problem is fixed when I execute ""/sbin/ifdown venet0 && /sbin/ifup
venet0".
Sometimes this doesn't help, because in 1 min, another container could
stop. Sometimes it works normally for day or two without any problems,
but after that it could start happening every 5 mins.
I use the latest version of "centos" which is updated until the last
update available. The kernel is Linux ufo.myhost.com
2.6.18-164.11.1.el5.028stab068.3 #1 SMP Wed Feb 17 15:22:30 MSK 2010
x86_64 x86_64 x86_64 GNU/Linux
I have iptables rules only in FORWARD filter table and this rules are -j
ACCEPT for traffic counting all other tables and rules are flush and
with -P ACCEPT
Regards.
_______________________________________________
Users mailing list
[email protected]
https://openvz.org/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected]
https://openvz.org/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected]
https://openvz.org/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected]
https://openvz.org/mailman/listinfo/users
