[Users] openvz and SuSE

Daniel Bauer mlist at dsb-gmbh.de
Fri Feb 3 07:38:59 EST 2006 

From: "Mishin Dmitry" <dim at sw.ru>
> On Friday 03 February 2006 13:40, Daniel Bauer wrote:
>> From: "Mishin Dmitry" <dim at sw.ru>
>>
>> >> I've three nics, but only one venet0.
>> >> i.e. eth0 is connected to intranet for use of VPS
>> >>       (10.x.x.x)
>> >>       eth1 is connected to internet for use of VPS
>> >>       (20.x.x.x)
>> >>       eth2 s connected to intranet only for use of the Host
>> >>       (30.x.x.x)
>> >>
>> >> I'd like to use:
>> >>     VPS1: intranet (eth0)
>> >>     VPS2: internet (eth1)
>> >>     VPS3: intranet (eth0) + internet (eth1)
>> >>
>> >> On the host (eth2) I don't want to have an IP of the intranet or
>> >> internet, the nics should be used for the VPS.
>> >>
>> >> As I understand it's not possible to share a real nic with Host 
>> >> and
>> >> diff. VPS, so howto setup this configuration?
>> >
>> > You should assign IP from intranet to VPS1, IP for internet to VPS2
>> > and both
>> > such IPs to VPS3.
>>
>> Sorry that doesn't work here if you don't have a IP on the host.
>> i.e.
>>     Host:
>>         eth0 10.1.0.1/255.255.255.0
>>         eth1 10.2.0.1/255.255.255.0*
>>
>>      VPS1:
>>         venet0:0 10.3.0.2/255.255.255.255
>>
>>      VPS2:
>>         venet0:0 10.4.0.3/255.255.255.255*
>>
>>      VPS3:
>>         venet0:0 10.3.0.4/255.255.255.255
>>         venet0:1 10.4.0.4/255.255.255.255*
>>
>> * not used in this test
>>
>> a Client with IP 10.1.0.100 could ping the host
>> a Client with IP 10.3.0.100 could ping nothing
>>
>> If I set the host to 10.3.0.1 then I could ping the Host, VPS1 and 
>> VPS3.
>> So it seems to me that is necessary to have an IP on the host from 
>> the
>> same subnet.
> You are right.
>>
>> I see that when I start the VPS a new route for each IP, maybe this 
>> is
>> the problem, is it not better to bridge the adapters between Host and
>> VPS?
> venet works on IP level, not Ethernet. So, bridging is impossible for 
> now.

is it possible to take another way to work on Ethernet level, because I 
don't want a official IP for the host.
1. security
2. no need for
3. one official IP less for each block

Daniel

More information about the Users mailing list