[Devel] Why use FAKEGATEWAY{,NET} instead of default dev venet0?

Peter Volkov pva at gentoo.org
Tue Oct 14 03:15:04 PDT 2008


В Втр, 14/10/2008 в 11:51 +0400, Denis V. Lunev пишет:
> On Fri, 2008-09-12 at 13:08 +0400, Peter Volkov wrote:
> > venet0 is peer-to-peer device. Why openvz scripts
> > set some $FAKEGATEWAYNET network on p2p device and then put nonexistent
> > $FAKEGATEWAY as a gateway there? Seems that it's much more simple and
> > clean way to setup networking is:
> > 
> > # route add default dev venet0
> > or 
> > # ip route add default dev venet0
> > 
> > Are there any drawbacks of this solution? I'm going to modify
> > gentoo-{add,del}_ip.sh scripts but is it good idea?

> The answer is quite simple. Without a gateway you'll have a neighbour
> entry for each incoming/outgoing destination.

Hm, where? On HN or VE, and how is this simple answer possible? In any
case I did some investigations and I do not see any behavior change in
neighbour aspect.

VE with nginx server running. I've opened some pages to be sure that at
least some users are using this VE at this moment:

nginx ~ # ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
3: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc
noqueue
    link/void
    inet 172.16.0.41/32 scope global venet0

nginx ~ # ip route
127.0.0.0/8 via 127.0.0.1 dev lo
default dev venet0  scope link  metric 2

nginx ~ # ip neigh show nud all
0.0.0.0 dev venet0 lladdr  NOARP
0.0.0.0 dev lo lladdr 00:00:00:00:00:00 NOARP

VE with old setup (with FAKEGATEWAY) and dns running (lot's of users
connected) has exactly same neighbour table.

At home node there is neighbour entry and I see both clients from
connected to nginx and dns there. So sorry, I don't understood simple
answer. Could you, please, elaborate a little bit more? Thanks.

-- 
Peter.




More information about the Devel mailing list