[Users] Multiple veth in VE assigned to proper vmbr on HN?

Tim Nelson tnelson at rockbochs.com
Mon Jun 28 17:08:12 EDT 2010


----- "Tim Nelson" <tnelson at rockbochs.com> wrote:
> Greetings all-
> 
> I'm having issues with what I would think is a common scenario. I have
> a host node running CentOS 5.0 with the OpenVZ kernel
> (2.6.18-164.11.1.el5.028stab068.3) and appropriate tools. OpenVZ works
> just fine. The host node has two physical network interfaces, one
> which resides on a public subnet routed to me by the ISP, and another
> which is on an internal private network. The HN needs to be accessible
> via the public subnet (default gateway is ISP router), and still have
> access to internal network resources, namely NFS. This works just fine
> on the HN.
> 
> I've been attempting to get this same functionality inside of the VE's
> but using venet has been an absolute nightmare. Traffic seems to be
> sourced from the public interface regardless of destination and there
> are other 'oddities' which I don't particularly care for.
> 
> I would like to have the same public/private functionality available
> to the VE's but using veth. The VE's should have two veth interfaces
> (eth0 and eth1 I would assume) with each being 'mapped' to the
> appropriate interface on the HN for public/private network
> connectivity. On the HN I've created two bridges, vmbr0 and vmbr1.
> vmbr0 includes eth0 which is for public connectivity. vmbr1 includes
> eth1 which is for private connectivity.
> 
> The big question is how do I configure the above scenario? How do I
> assign multiple veths to each VE and ensure that veth is on the proper
> vmbr on the HN?
> 
> All suggestions welcome. Thanks!
> 

For the archives:

After some additional testing, I found what works for me. As noted in my OP, on the host node eth0 in vmbr0 and eth1 in vmbr1:

vzctl set 102 --netif_add eth0,,,,vmbr0 --save
vzctl set 102 --netif_add eth1,,,,vmbr1 --save
vzctl restart 102

As per the wiki article, the above syntax works on vzctl > 3.0.22 but ymmv on lesser versions.

--Tim


More information about the Users mailing list