HA: [Users] strange network problem

Marat Stanichenko mstanichenko at parallels.com
Mon Mar 15 12:16:06 EDT 2010 

Hi,

as far as I understand, your network configuration is based on simple venet0 interface.
Is that true? I suppose that you are faced with arp-problem but could you please elaborate
your network configuration a little bit so one can understand what the exact environment is.
It may be important if you are using several route tables.
"ip a l", "ip  route list table all", "ip rule list", "arp -n" would be enough I suppose.

Let me give you a hint so that you will be able to cope with the problem by yourself.
venet0 is working according the following principle. If a remote machine is willing to communicate
with a VE it send "arp-who has" request. This type of request reaches a HN and the HN is sending
"arp reply" to the remote machine (that's why "arp -n" output should contain information about VE).
Then the remote machine sends network packets to the HN but because of the additional route 
(see "ip route list" output) all packets are going inside VE through the HN. That's the principle of venet0
interface.

To catch the problem I recommend you using "tcpdump" utility.

Stanichenko Marat
________________________________________
От: users-bounces at openvz.org [users-bounces at openvz.org] от имени Dragomir Zhelev [drago at delta.bg]
Отправлено: 15 марта 2010 г. 18:39
Кому: users at openvz.org
Тема: [Users] strange network problem

Hi all :) ,


 The problem is, that as containers are working, the network to someone
or more than one stops. it is not necessary that the container is one
and the same everytime. When I run ping to the container from the host
node, there is no reply.I can enter the container with "vzctl enter
XXX", but the problem stays.
 The problem is fixed when I execute ""/sbin/ifdown venet0 && /sbin/ifup
venet0".
 Sometimes this doesn't help, because in 1 min, another container could
stop. Sometimes it works normally for day or two without any problems,
but after that it could start happening every 5 mins.
I use the latest version of "centos" which is updated until the last
update available. The kernel is Linux ufo.myhost.com
2.6.18-164.11.1.el5.028stab068.3 #1 SMP Wed Feb 17 15:22:30 MSK 2010
x86_64 x86_64 x86_64 GNU/Linux


I have iptables rules only in FORWARD filter table and this rules are -j
ACCEPT for traffic counting all other tables and rules are flush and
with -P ACCEPT



Regards.
_______________________________________________
Users mailing list
Users at openvz.org
https://openvz.org/mailman/listinfo/users

More information about the Users mailing list