[Users] Broadcast traffic on veth interfaces

Jason Voorhees jvoorhees1 at gmail.com
Fri Feb 13 09:52:53 EST 2009


On Fri, Feb 13, 2009 at 9:48 AM, Jason Voorhees <jvoorhees1 at gmail.com> wrote:
> On Fri, Feb 13, 2009 at 6:46 AM, Vitaliy Gusev <vgusev at openvz.org> wrote:
>> On 13 February 2009 02:53:12 Jason Voorhees wrote:
>>> Hi:
>>>
>>> On Fri, Feb 6, 2009 at 11:35 AM, Vitaliy Gusev <vgusev at openvz.org> wrote:
>>> > On 5 February 2009 18:26:05 Jason Voorhees wrote:
>>> >> Hi people:
>>> >>
>>> >> I'm a newbie in OpenVZ world yet. With a little help of Google and
>>> >> OpenVZ wiki I understood that it's necessary to use veth instead of
>>> >> venet to be able to deal with broadcast traffic in a VE. This is true,
>>> >> right?
>>> >> So I created the corresponding veth to my VE and attached it to a
>>> >> bridge. Now my VE has an eth0 interface, it has its own IP address and
>>> >> works nicely: send and receive ICMP messages (with ping), I can get
>>> >> into VE trough SSH, etc.
>>> >>
>>> >> But I can see that broadcast traffic isn't working very well yet. My
>>> >> VE is running a Samba server but I can't find its netbios name (from
>>> >> the HN) using nmblookup. Also from the VE I can't find any netbios
>>> >> host in my network using nmblookup except the VE host itself.
>>> >>
>>> >> I followed the steps of the wiki:
>>> >> http://wiki.openvz.org/Veth#Virtual_Ethernet_devices_can_be_joined_in_one_bridge
>>> >>
>>> >> Do I need to do anything else in my OpenVZ environment?
>>> >
>>> >
>>> > I think it is enough. What say a tcpdump in host and in VE?
>>> > Please also check iptables rules.
>>> >
>>>
>>> My VE and HN don't have any iptables rules, policy are set ACCEPT by
>>> default in all chains.
>>> In my VE I'm running this:
>>>
>>> # tcpdump -ni eth0 host 192.168.99.255
>>>
>>> And I get nothing as output. However when I run the same command at
>>> the HN I get this:
>>>
>>> # tcpdump -ni eth0 host 192.168.99.255
>>> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
>>> listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
>>> 18:35:14.636181 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
>>> id 36213, seq 88, length 64
>>> 18:35:15.635582 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
>>> id 36213, seq 89, length 64
>>> 18:35:16.635749 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
>>> id 36213, seq 90, length 64
>>> 18:35:17.635667 IP 192.168.99.23 > 192.168.99.255: ICMP echo request,
>>> id 36213, seq 91, length 64
>>>
>>
>> Are you sure that traffic was broadcast? Please add "-e" option to tcpdump
>> and run again.
>>
>>
> Yes. This is my tcpdump output with -e running at HN when running
> "nmblookup server3k" (netbios name of my VE running Samba) & "ping -b
> 192.168.99.255" from my PC (192.168.99.23) in the same network:
>
> # tcpdump -e -ni eth0 host 192.168.99.255 and 192.168.99.23
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
> 09:44:28.851932 00:10:c6:a2:9e:3c > Broadcast, ethertype IPv4
> (0x0800), length 92: 192.168.99.23.21464 > 192.168.99.255.netbios-ns:
> NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
> 09:44:29.128501 00:10:c6:a2:9e:3c > Broadcast, ethertype IPv4
> (0x0800), length 92: 192.168.99.23.21464 > 192.168.99.255.netbios-ns:
> NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
> 09:44:29.400595 00:10:c6:a2:9e:3c > Broadcast, ethertype IPv4
> (0x0800), length 92: 192.168.99.23.21464 > 192.168.99.255.netbios-ns:
> NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
> 09:44:58.345506 00:10:c6:a2:9e:3c > Broadcast, ethertype IPv4
> (0x0800), length 98: 192.168.99.23 > 192.168.99.255: ICMP echo
> request, id 54551, seq 1, length 64
> 09:44:59.360174 00:10:c6:a2:9e:3c > Broadcast, ethertype IPv4
> (0x0800), length 98: 192.168.99.23 > 192.168.99.255: ICMP echo
> request, id 54551, seq 2, length 64
> 09:45:00.364349 00:10:c6:a2:9e:3c > Broadcast, ethertype IPv4
> (0x0800), length 98: 192.168.99.23 > 192.168.99.255: ICMP echo
> request, id 54551, seq 3, length 64
>
> Running the same tcpdump command with the same options returns nothing at my VE.
> It seems that something (i don't know what) ist blocking broadcast
> traffic at the HN host level.
> Is this true? Is it something related to the bridge configuration? Is
> it related to HN routes?
>

Ok, I also added this route at HN:

# route add -host 192.168.99.255 dev vzbr0

But my VE doesn't get broadcast traffic yet :(


More information about the Users mailing list