More OpenVZ Tips

August 26th, 2007
vps-net_add WARNING: arpsend -c 1 -w 1 -D  -e x.x.x.x eth1 FAILED

I think this is caused by having two network interfaces on the hardware node. I thought I might be able to use only venet, but I believe I'll have to use veth and create a bridge between the desired card and the vm, as described here. * <from_interface> MP eth0 * <from_interface> MP eth1

For some reason, the upstream gateway is responding to arp requests saying that it has that ip address. Odd. I'm wondering if that ip address really is taken somewhere up the stream. I doubt it actually, I've tried a few different random strings but they all collide.

# Send ARP request to detect that somebody already have this IP

function vzarpipdetect(){        local DEV        local ip        local cmd        [ -z "${1}" ] && return        [ "${SKIP_ARPDETECT}" = "yes" ] && return        for ip in ${1}; do                cmd="$cmd -e $ip"        done        for DEV in $NETDEVICES; do                ${ARPSEND_CMD} -D ${cmd} $DEV || vzwarning "${ARPSEND_CMD} -D ${cmd} $DEV FAILED"        done}

Found this in vps-functions.

This definitely occurs due to multiple cards.

Didn't work for me: /sbin/ip rule add from table 12/sbin/ip route add default dev eth0 via table 12#ip rule list

0: from all lookup 255

32765: from lookup 10

32766: from all lookup main

32767: from all lookup default

default via dev eth0 # ip route get from from via dev eth0 cache mtu 1500 advmss 1460 hoplimit 64


Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

x.x.x.x * U 0 0 0 eth1 * U 0 0 0 eth0 UG 0 0 0 eth0

default UG 0 0 0 eth1

franklin:~# ip route show dev eth1 proto kernel scope link src dev eth0 scope link via dev eth0

default via dev eth1

franklin:~# ip rule show

0: from all lookup 255

32764: from all to lookup 10

32765: from to lookup 10

32766: from all lookup main

32767: from all lookup default

franklin:~# ip route show table 10

default via dev eth0

Whoa this was a confusing task. Took me all day! The iproute2 routing rules and tables are great, an pretty similar to iptables, which made them easier for me to grasp.

route add -net netmask dev eth0 adds a route to the network 192.56.76.x via "eth0". The Class C netmask modifier is not really necessary here because 192.* is a Class C IP address. The word "dev" can be omitted here.

Here's what I ended up doing: * added a source based route for on ip as described on openvz wiki* setup a firewall and nat on the vpn gateway as described on the gentoo home router guide

Yearly Indexes: 2003 2004 2006 2007 2008 2009 2010 2011 2012 2013 2015 2019 2020 2022