[Users] source ip address issue with venet

Marc Aymerich glicerinu at gmail.com
Wed Aug 25 15:05:10 EDT 2010 

 Hi,
After restarting a HN3 It doesn't connect to my MySQL server anymore (MySQL
is running inside an OVZ container, called sql-server, that lives on HN3.
Connections from HN1 or HN2 to MySQL work fine). The reason seems to be
network related.

HN3: 77.2.179.77/24
sql-server: 77.2.179.120/24 (remember, it lives on HN3)

lets do a ping, from HN3 to sql-server container

HN3:~# ping 77.2.179.120
PING 77.2.179.120 (77.2.179.120) 56(84) bytes of data.
64 bytes from 77.2.179.120: icmp_seq=1 ttl=64 time=0.043 ms

Seems to work fine, but when we use tcpdump to examine that ping, we get
this:

HN3:~# tcpdump ip proto 1 -i venet0
16:07:15.175602 IP 10.0.10.3 > 77.2.179.120: ICMP echo request, id 33323,
seq 28, length 64
16:07:15.175623 IP 77.2.179.120 > 10.0.10.3: ICMP echo reply, id 33323, seq
28, length 64

Why HN3 use 10.0.10.3 src ip address instead of 77.2.179.77 ? At least it's
what 'ip ro' say:

HN3:~# ip ro
10.0.0.20 dev venet0  scope link
77.2.179.122 dev venet0  scope link
77.2.179.120 dev venet0  scope link
77.2.179.126 dev venet0  scope link
77.2.179.125 dev venet0  scope link
10.0.0.0/24 dev vmbr1  proto kernel  scope link  src 10.0.0.3
77.2.179.0/24 dev vmbr0  proto kernel  scope link  src 77.2.179.77
10.10.0.0/24 dev eth3  proto kernel  scope link  src 10.10.0.3
10.0.10.0/24 dev eth2  proto kernel  scope link  src 10.0.10.3
default via 77.2.179.7 dev vmbr0

packets to 77.2.179.0/24 must use 77.2.179.77 as src address.

What is that I'm missing? Maybe "venet" doesn't look 'ip ro' table? How
could I force a correct src address for the ip packets to my sql-server?



Note:
packet src addr from others HN are correct:

16:25:53.535392 IP 77.2.179.75 > 77.2.179.120: ICMP echo request, id 6748,
seq 4, length 64
16:25:53.535423 IP 77.2.179.120 > 77.2.179.75: ICMP echo reply, id 6748, seq
4, length 64

br
-- 
Marc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://openvz.org/pipermail/users/attachments/20100825/5a1a5ba3/attachment.html

More information about the Users mailing list