[Users] strange network problem

Stanichenko Marat mstanichenko at openvz.org
Tue Mar 16 11:53:43 EDT 2010 

Hi,

as far as I understand, your network configuration is based on simple 
venet0 interface.
Is that true? I suppose that you are faced with arp-problem but could 
you please elaborate
your network configuration a little bit so one can understand what the 
exact environment is.
It may be important if you are using several route tables.
"ip a l", "ip  route list table all", "ip rule list", "arp -n" would be 
enough I suppose.

Let me give you a hint so that you will be able to cope with the problem 
by yourself.
venet0 is working according the following principle. If a remote machine 
is willing to communicate
with a VE it send "arp-who has" request. This type of request reaches a 
HN and the HN is sending
"arp reply" to the remote machine (that's why "arp -n" output should 
contain information about VE).
Then the remote machine sends network packets to the HN but because of 
the additional route
(see "ip route list" output) all packets are going inside VE through the 
HN. That's the principle of venet0
interface.

To catch the problem I recommend you using "tcpdump" utility.

Stanichenko Marat

Dragomir Zhelev wrote on 15.03.2010 18:39:
> Hi all :) , 
>
>
>  The problem is, that as containers are working, the network to someone 
> or more than one stops. it is not necessary that the container is one 
> and the same everytime. When I run ping to the container from the host 
> node, there is no reply.I can enter the container with "vzctl enter 
> XXX", but the problem stays.
>  The problem is fixed when I execute ""/sbin/ifdown venet0 && /sbin/ifup 
> venet0".
>  Sometimes this doesn't help, because in 1 min, another container could 
> stop. Sometimes it works normally for day or two without any problems, 
> but after that it could start happening every 5 mins.
> I use the latest version of "centos" which is updated until the last 
> update available. The kernel is Linux ufo.myhost.com 
> 2.6.18-164.11.1.el5.028stab068.3 #1 SMP Wed Feb 17 15:22:30 MSK 2010 
> x86_64 x86_64 x86_64 GNU/Linux
>
>
> I have iptables rules only in FORWARD filter table and this rules are -j 
> ACCEPT for traffic counting all other tables and rules are flush and 
> with -P ACCEPT
>
>
>
> Regards.
> _______________________________________________
> Users mailing list
> Users at openvz.org
> https://openvz.org/mailman/listinfo/users
>

More information about the Users mailing list