[Users] dual ethernet woes

Steve Hodges shodges at iinet.net.au
Tue Aug 14 07:01:09 EDT 2007 

The servers I'm trying to put onto a single hardware node each have 2 
ethernet interfaces.

each server has 2 addresses, e.g. 192.168.206.11 and 192.168.205.11.  
(these are the primary and secondary networks respectively)

There is a DNS server on each network.  Each DNS provides resolution on 
that network.  For example the DNS at 192.168.205.254 resolves "mail" to 
192.168.205.254.  The DNS on 192.168.206.254 resolves "mail" to 
192.168.206.254.

(actually the name is mail.domain, but you get the idea)

There is some further complication due to the fact that a third network 
is accessed via a router, and each network has its own gateway to the world.

route -n typically gives something like this:

10.60.10.0      192.168.205.1   255.255.255.0   UG    0      0        0 eth1
10.60.10.0      192.168.206.1   255.255.255.0   UG    0      0        0 eth0
192.168.205.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.206.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         192.168.206.254 0.0.0.0         UG    0      0        0 eth0
0.0.0.0         192.168.205.254 0.0.0.0         UG    0      0        0 eth1

If I set up the hardware node like that (and that is actually from a 
test hardware node) then I can happily ping all the important places 
(192.168.205.1, .254, and .11 and .12 (existing servers) as well as 
192.168.206.1, .254, .11 and .12 and into the other network 
(10.60.10.x), and onto the internet).

here's the output of a test script:

192.168.205.1 - OK
192.168.205.11 - OK
192.168.205.12 - OK
192.168.205.254 - OK
192.168.205.253 - FAILED
192.168.206.1 - OK
192.168.206.11 - OK
192.168.206.12 - OK
192.168.206.254 - OK
192.168.206.253 - FAILED
10.60.10.131 - OK
10.60.10.190 - OK
google.com - OK

(the two that fail are non-existant servers -- that's OK)

However, in a VE things go all pear shaped.

The VE is set up like this:

vzctl set ${VM_NO} --ipadd ${VM_IP_PRI} --save
vzctl set ${VM_NO} --ipadd ${VM_IP_SEC} --save

and they appear on the HN in the route -n like this:

192.168.206.104 0.0.0.0         255.255.255.255 UH    0      0        0 
venet0
192.168.205.104 0.0.0.0         255.255.255.255 UH    0      0        0 
venet0

however in the VE the test script shows that things are going pear shaped

192.168.205.1 - FAILED
192.168.205.11 - OK
192.168.205.12 - FAILED
192.168.205.254 - OK
192.168.205.253 - FAILED
192.168.206.1 - OK
192.168.206.11 - OK
192.168.206.12 - OK
192.168.206.254 - OK
192.168.206.253 - FAILED
10.60.10.131 - OK
10.60.10.190 - OK
google.com - OK

What has me scratching my head is that it's not really too consistent :-(

I've had a bit of a look here

http://wiki.openvz.org/VEs_in_different_subnets#.282.29_An_OVZ_Hardware_Node_has_two_ethernet_interfaces

but it really doesn't make a lot of sense to me

Is there anything I should look more closely at?

Steve

More information about the Users mailing list