HA: [Users] strange network problem

Nirmal Guhan vavatutu at gmail.com
Fri Jun 25 12:40:59 EDT 2010


2010/3/15 Marat Stanichenko <mstanichenko at parallels.com>:
> Hi,
>
> as far as I understand, your network configuration is based on simple venet0 interface.
> Is that true? I suppose that you are faced with arp-problem but could you please elaborate
> your network configuration a little bit so one can understand what the exact environment is.
> It may be important if you are using several route tables.
> "ip a l", "ip  route list table all", "ip rule list", "arp -n" would be enough I suppose.
>
> Let me give you a hint so that you will be able to cope with the problem by yourself.
> venet0 is working according the following principle. If a remote machine is willing to communicate
> with a VE it send "arp-who has" request. This type of request reaches a HN and the HN is sending
> "arp reply" to the remote machine (that's why "arp -n" output should contain information about VE).
> Then the remote machine sends network packets to the HN but because of the additional route
> (see "ip route list" output) all packets are going inside VE through the HN. That's the principle of venet0
> interface.

Does this VE->HN happen within the driver/kernel or does each packet
for VE go to some user level process in HN and then sent to the VE ?
Kindly clarify.

--Nirmal
>
> To catch the problem I recommend you using "tcpdump" utility.
>
> Stanichenko Marat
> ________________________________________
> От: users-bounces at openvz.org [users-bounces at openvz.org] от имени Dragomir Zhelev [drago at delta.bg]
> Отправлено: 15 марта 2010 г. 18:39
> Кому: users at openvz.org
> Тема: [Users] strange network problem
>
> Hi all :) ,
>
>
>  The problem is, that as containers are working, the network to someone
> or more than one stops. it is not necessary that the container is one
> and the same everytime. When I run ping to the container from the host
> node, there is no reply.I can enter the container with "vzctl enter
> XXX", but the problem stays.
>  The problem is fixed when I execute ""/sbin/ifdown venet0 && /sbin/ifup
> venet0".
>  Sometimes this doesn't help, because in 1 min, another container could
> stop. Sometimes it works normally for day or two without any problems,
> but after that it could start happening every 5 mins.
> I use the latest version of "centos" which is updated until the last
> update available. The kernel is Linux ufo.myhost.com
> 2.6.18-164.11.1.el5.028stab068.3 #1 SMP Wed Feb 17 15:22:30 MSK 2010
> x86_64 x86_64 x86_64 GNU/Linux
>
>
> I have iptables rules only in FORWARD filter table and this rules are -j
> ACCEPT for traffic counting all other tables and rules are flush and
> with -P ACCEPT
>
>
>
> Regards.
> _______________________________________________
> Users mailing list
> Users at openvz.org
> https://openvz.org/mailman/listinfo/users
>
> _______________________________________________
> Users mailing list
> Users at openvz.org
> https://openvz.org/mailman/listinfo/users
>



More information about the Users mailing list