[Users] Broadcast traffic on veth interfaces

Vitaliy Gusev vgusev at openvz.org
Fri Feb 13 06:46:26 EST 2009 

On 13 February 2009 02:53:12 Jason Voorhees wrote:
> Hi:
> 
> On Fri, Feb 6, 2009 at 11:35 AM, Vitaliy Gusev <vgusev at openvz.org> wrote:
> > On 5 February 2009 18:26:05 Jason Voorhees wrote:
> >> Hi people:
> >>
> >> I'm a newbie in OpenVZ world yet. With a little help of Google and
> >> OpenVZ wiki I understood that it's necessary to use veth instead of
> >> venet to be able to deal with broadcast traffic in a VE. This is true,
> >> right?
> >> So I created the corresponding veth to my VE and attached it to a
> >> bridge. Now my VE has an eth0 interface, it has its own IP address and
> >> works nicely: send and receive ICMP messages (with ping), I can get
> >> into VE trough SSH, etc.
> >>
> >> But I can see that broadcast traffic isn't working very well yet. My
> >> VE is running a Samba server but I can't find its netbios name (from
> >> the HN) using nmblookup. Also from the VE I can't find any netbios
> >> host in my network using nmblookup except the VE host itself.
> >>
> >> I followed the steps of the wiki:
> >> http://wiki.openvz.org/Veth#Virtual_Ethernet_devices_can_be_joined_in_one_bridge
> >>
> >> Do I need to do anything else in my OpenVZ environment?
> >
> >
> > I think it is enough. What say a tcpdump in host and in VE?
> > Please also check iptables rules.
> >
> 
> My VE and HN don't have any iptables rules, policy are set ACCEPT by
> default in all chains.
> In my VE I'm running this:
> 
> # tcpdump -ni eth0 host 192.168.99.255
> 
> And I get nothing as output. However when I run the same command at
> the HN I get this:
> 
> # tcpdump -ni eth0 host 192.168.99.255
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
> 18:35:14.636181 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
> id 36213, seq 88, length 64
> 18:35:15.635582 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
> id 36213, seq 89, length 64
> 18:35:16.635749 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
> id 36213, seq 90, length 64
> 18:35:17.635667 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
> id 36213, seq 91, length 64
> 

Are you sure that traffic was broadcast? Please add "-e" option to tcpdump
and run again.


> 4 packets captured
> 8 packets received by filter
> 0 packets dropped by kernel
> 
> ... as expected. HN doesn't reply to ICMP broadcast according to my
> kernel setting but DOES receive those packets, see?
> 
> These are the steps I followed to add a Virtual Ethernet to my VE
> already started:
> 
> 1. Make sure VE has no IP address of venet type:
> 
> [root at hn ~]# vzctl set 101 --ipdel all --save
> 
> 2. Add a veth interface to my VE:
> 
> [root at hn ~]# vzctl set 101 --netif_add eth0 --save
> 
> 3. Configure veth101.0 and corresponding kernel settings:
> 
> [root at hn ~]# ifconfig veth101.0 0
> [root at hn ~]# sysctl -w net/ipv4/conf/veth101.0/forwarding=1
> [root at hn ~]# sysctl -w net/ipv4/conf/veth101.0/proxy_arp=1
> [root at hn ~]# sysctl -w net/ipv4/conf/eth0/forwarding=1
> [root at hn ~]# sysctl -w net/ipv4/conf/eth0/proxy_arp=1
> 
> 4. Set the IP address in VE:
> 
> [root at hn ~]# vzctl enter 101
> [root at ve101 /]# ifconfig eth0 192.168.99.209
> [root at ve101 /]# route add default dev eth0
> [root at ve101 /]# exit
> 
> 5. I create and set up the bridge at HN:
> 
> [root at hn ~]# brctl addbr vzbr0
> [root at hn ~]# brctl addif vzbr0 veth101.0
> [root at hn ~]# ifconfig vzbr0 0
> [root at hn ~]# sysctl -w net/ipv4/conf/vzbr0/forwarding=1
> [root at hn ~]# sysctl -w net/ipv4/conf/vzbr0/proxy_arp=1
> 
> 6. I added the corresponding route and test connectivity:
> 
> [root at hn ~]# route add -host 192.168.99.209 dev vzbr0
> [root at hn ~]# ping 192.168.99.209
> PING 192.168.99.209 (192.168.99.209) 56(84) bytes of data.
> 64 bytes from 192.168.99.209: icmp_seq=1 ttl=64 time=0.045 ms
> 64 bytes from 192.168.99.209: icmp_seq=2 ttl=64 time=0.043 ms
> 64 bytes from 192.168.99.209: icmp_seq=3 ttl=64 time=0.021 ms
> 
> 
> So, I can ping and ssh my VE from HN and from anyhost in my network.
> Also I can ping and ssh to anyhost from my VE. Networking is working
> apparently OK but broadcast traffic doesn't. It seems that HN isn't
> letting pass broadcast packets to VE.
> 
> Is there anything else I need to check? I hope someone can help me
> 
> >
> >>
> >> Kernel: 2.6.18-92.1.18.el5.028stab060.2
> >> vzctl version: vzctl version 3.0.23
> >>
> >> Any help would be appreciated. Thanks, bye
> >> _______________________________________________
> >> Users mailing list
> >> Users at openvz.org
> >> https://openvz.org/mailman/listinfo/users
> >>
> >
> >
> >
> > --
> > Thank,
> > Vitaliy Gusev
> >
> _______________________________________________
> Users mailing list
> Users at openvz.org
> https://openvz.org/mailman/listinfo/users
> 



-- 
Thank,
Vitaliy Gusev

More information about the Users mailing list