[Users] Broadcast traffic on veth interfaces

Jason Voorhees jvoorhees1 at gmail.com
Thu Feb 12 18:53:12 EST 2009 

Hi:

On Fri, Feb 6, 2009 at 11:35 AM, Vitaliy Gusev <vgusev at openvz.org> wrote:
> On 5 February 2009 18:26:05 Jason Voorhees wrote:
>> Hi people:
>>
>> I'm a newbie in OpenVZ world yet. With a little help of Google and
>> OpenVZ wiki I understood that it's necessary to use veth instead of
>> venet to be able to deal with broadcast traffic in a VE. This is true,
>> right?
>> So I created the corresponding veth to my VE and attached it to a
>> bridge. Now my VE has an eth0 interface, it has its own IP address and
>> works nicely: send and receive ICMP messages (with ping), I can get
>> into VE trough SSH, etc.
>>
>> But I can see that broadcast traffic isn't working very well yet. My
>> VE is running a Samba server but I can't find its netbios name (from
>> the HN) using nmblookup. Also from the VE I can't find any netbios
>> host in my network using nmblookup except the VE host itself.
>>
>> I followed the steps of the wiki:
>> http://wiki.openvz.org/Veth#Virtual_Ethernet_devices_can_be_joined_in_one_bridge
>>
>> Do I need to do anything else in my OpenVZ environment?
>
>
> I think it is enough. What say a tcpdump in host and in VE?
> Please also check iptables rules.
>

My VE and HN don't have any iptables rules, policy are set ACCEPT by
default in all chains.
In my VE I'm running this:

# tcpdump -ni eth0 host 192.168.99.255

And I get nothing as output. However when I run the same command at
the HN I get this:

# tcpdump -ni eth0 host 192.168.99.255
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
18:35:14.636181 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
id 36213, seq 88, length 64
18:35:15.635582 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
id 36213, seq 89, length 64
18:35:16.635749 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
id 36213, seq 90, length 64
18:35:17.635667 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
id 36213, seq 91, length 64

4 packets captured
8 packets received by filter
0 packets dropped by kernel

... as expected. HN doesn't reply to ICMP broadcast according to my
kernel setting but DOES receive those packets, see?

These are the steps I followed to add a Virtual Ethernet to my VE
already started:

1. Make sure VE has no IP address of venet type:

[root at hn ~]# vzctl set 101 --ipdel all --save

2. Add a veth interface to my VE:

[root at hn ~]# vzctl set 101 --netif_add eth0 --save

3. Configure veth101.0 and corresponding kernel settings:

[root at hn ~]# ifconfig veth101.0 0
[root at hn ~]# sysctl -w net/ipv4/conf/veth101.0/forwarding=1
[root at hn ~]# sysctl -w net/ipv4/conf/veth101.0/proxy_arp=1
[root at hn ~]# sysctl -w net/ipv4/conf/eth0/forwarding=1
[root at hn ~]# sysctl -w net/ipv4/conf/eth0/proxy_arp=1

4. Set the IP address in VE:

[root at hn ~]# vzctl enter 101
[root at ve101 /]# ifconfig eth0 192.168.99.209
[root at ve101 /]# route add default dev eth0
[root at ve101 /]# exit

5. I create and set up the bridge at HN:

[root at hn ~]# brctl addbr vzbr0
[root at hn ~]# brctl addif vzbr0 veth101.0
[root at hn ~]# ifconfig vzbr0 0
[root at hn ~]# sysctl -w net/ipv4/conf/vzbr0/forwarding=1
[root at hn ~]# sysctl -w net/ipv4/conf/vzbr0/proxy_arp=1

6. I added the corresponding route and test connectivity:

[root at hn ~]# route add -host 192.168.99.209 dev vzbr0
[root at hn ~]# ping 192.168.99.209
PING 192.168.99.209 (192.168.99.209) 56(84) bytes of data.
64 bytes from 192.168.99.209: icmp_seq=1 ttl=64 time=0.045 ms
64 bytes from 192.168.99.209: icmp_seq=2 ttl=64 time=0.043 ms
64 bytes from 192.168.99.209: icmp_seq=3 ttl=64 time=0.021 ms


So, I can ping and ssh my VE from HN and from anyhost in my network.
Also I can ping and ssh to anyhost from my VE. Networking is working
apparently OK but broadcast traffic doesn't. It seems that HN isn't
letting pass broadcast packets to VE.

Is there anything else I need to check? I hope someone can help me

>
>>
>> Kernel: 2.6.18-92.1.18.el5.028stab060.2
>> vzctl version: vzctl version 3.0.23
>>
>> Any help would be appreciated. Thanks, bye
>> _______________________________________________
>> Users mailing list
>> Users at openvz.org
>> https://openvz.org/mailman/listinfo/users
>>
>
>
>
> --
> Thank,
> Vitaliy Gusev
>

More information about the Users mailing list