[Users] How to configure a server to use multiple subnets/gateways

Rene C. openvz at dokbua.com
Tue Aug 20 12:13:52 EDT 2013 

No takers!?  Is it more complicated than I imagine?  I have tried to
explain it as well as I can. Please let me know if there is anything
unclear and I'll try to clarify.

// Rene

On Sun, Aug 18, 2013 at 1:22 PM, Rene C. <openvz at dokbua.com> wrote:
> ... continued
>
>
> So going the simple/obvious way of bridging the CT0 interface I try
> the longer route:
>
> [root at server17 ~]# ifconfig veth1706.0 0
> [root at server17 ~]# echo 1 > /proc/sys/net/ipv4/conf/veth1706.0/forwarding
> [root at server17 ~]# echo 1 > /proc/sys/net/ipv4/conf/veth1706.0/proxy_arp
> [root at server17 ~]# echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding
> [root at server17 ~]# echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
> [root at server17 ~]# vzctl enter 1706
> entered into CT 1706
> [root at vps1706 /]# ifconfig eth0 0
> [root at vps1706 /]# ip addr add xxx.13.31.131 dev eth0
> [root at vps1706 /]# route add default dev eth0
> [root at vps1706 /]# logout
> exited from CT 1706
> [root at server17 ~]# ip route add xxx dev veth1706.0
> RTNETLINK answers: File exists
>
>
> To recap the problem:
>
> I have this hardware node with IP xxx.22.181.158
>
> Node runs Centos 6, so does all containers.
>
> I already have 4 containers with IP addresses on the same subnet
> (xxx.22.181.*) running fine.
>
> Problem is, now my data center gave me 3 IP addresses in a new subnet
> with a separate gateway:
>
> IP add  : xxx.13.31.130  -  132
> subnet : 255.255.255.224
> gateway : xxx.13.31.129
>
> How can I make this work. Please be specific. I don't mind reading and
> learning, but the learning curve at this stage is too high, I'm not
> getting anywhere. Thanks.
>
>
>
>
> On Sun, Aug 18, 2013 at 12:28 PM, Rene C. <openvz at dokbua.com> wrote:
>> I'm sorry but networking is obviously not one of my strong areas and
>> for all the good intentions, all the buzzwords confuse me more than
>> they help me.
>>
>> I had a look at http://openvz.org/Virtual_Ethernet_device, and it
>> gives detailed information about a number of scenarios, for example
>> "Simple configuration with virtual Ethernet devices" and then proceeds
>> with 50 steps to set it up. (Ok I exaggerate but you get my drift).  I
>> think my requirement is very very simple, like I explained before, my
>> DC gave me a bunch of IP addresses on a new subnet requiring a
>> different gateway for it to work.
>>
>> I tried.
>>
>> Ok so I start at the "imple configuration with virtual Ethernet
>> device", with the vzctl start and set commands listed. Then it says
>> "The following steps are needed when the CT is not bridged to a CT0
>> network interface.". Ok, I guess I should make the "CT bridged to a
>> CT0 network inteface" then... but how?   There's a section
>> "Independent Virtual Ethernet communication through the bridge". It
>> starts with "create bridge device", starting with "brctl addbr vzbr0".
>> Ok, I try that...
>>
>> # brctl addbr vzbr0
>> -bash: brctl: command not found
>>
>> Now what?
>>
>> I just need to set this up. Not how to enable a VPN tunnel or multiple
>> 192.168 networks.  I'm sure someone in the know could tell me this is
>> a matter of two lines instead of this information overload.
>>
>> Thanks!
>>
>>
>>
>> On Sun, Aug 18, 2013 at 3:36 AM, Jean-Marc Pigeon <jmp at safe.ca> wrote:
>>> Bonjour Rene C.
>>>
>>> My understanding you want to route VPS IP not related to host IP.
>>> Just to tell you we have such config.
>>> Using veth  within the VPS and the host with Bridge interface.
>>> Our config is working IP double stack (IPV4 + IPV6).
>>>
>>> The VPS eth0 interface is a very straightforward one.
>>> VPS ifcfg-eth0
>>> DEVICE=eth0
>>> BOOTPROTO=static
>>> ONBOOT=yes
>>> IPADDR=X.Y.Z.T
>>> NETMASK=255.255.255.255
>>> IPV6INIT=yes
>>> IPV6ADDR=XX:YY.......ZZ:TT
>>>
>>> Keyword are veth, IPV4 Routing, Bridge.
>>> http://openvz.org/Virtual_Ethernet_device
>>> seems to me a good starting point.
>>>
>>>
>>> Quoting "Rene C." <openvz at dokbua.com>:
>>>
>>>> Thanks Jean-Marc, I don't think this is what I need though - I don't
>>>> have any bridge interfaces anywhere, and frankly don't quite see how
>>>> it fits into the server. There's only a ifcfg-eth0 file.
>>>>
>>>> I had a look at this page -
>>>> http://wiki.openvz.org/Source_based_routing - am I on the right track?
>>>>
>>>> I tried some of the commands but it threw an error early on so I have
>>>> a feeling I'm not.
>>>>
>>>> # ip rule add from xxx.13.31.0/24 table 6
>>>> # ip route add default dev eth0 via xxx.13.31.129 table 6
>>>> RTNETLINK answers: No such process
>>>>
>>>>
>>>>
>>>> On Sat, Aug 17, 2013 at 10:28 PM, Jean-Marc Pigeon <jmp at safe.ca> wrote:
>>>>>
>>>>> Bonjour Rene C,
>>>>>
>>>>> My config:
>>>>>
>>>>> ifcfg-br0
>>>>> #definition Bridge interface
>>>>> DEVICE=br0
>>>>> ONBOOT=yes
>>>>> TYPE=Bridge
>>>>> BOOTPROTO=static
>>>>> IPADDR=HOST IP number
>>>>> NETMASK=255.255.255.224  #(My HOST SUBNET MASK)
>>>>> IPV6INIT=yes
>>>>> IPV6ADDR=PP:XX:.....YY:ZZ
>>>>>
>>>>> ifcfg-br0:brgd
>>>>> DEVICE=br0:brgd
>>>>> ONBOOT=yes
>>>>> TYPE=Bridge
>>>>> BOOTPROTO=static
>>>>> IPADDR=192.0.2.1
>>>>> NETMASK=255.255.255.255
>>>>> #to avoid checking for already set IP
>>>>> ARPCHECK=no
>>>>>
>>>>> I am using Quagga(RIP) to transparently route (and displace) VPS IP among
>>>>> HOST
>>>>> such the VPS can be "somewhere" within Hardware cloud. (then VPS
>>>>> can be set with an IP unrelated to HOST).
>>>>>
>>>>> Hoping that help.
>>>>> Contact me privately if I can help.
>>>>>
>>>>> Quoting "Rene C." <openvz at dokbua.com>:
>>>>>
>>>>>> Kirill, do you know of a page where this procedure is documented?
>>>>>> Thanks!
>>>>>>
>>>>>> On Sat, Aug 17, 2013 at 4:54 PM, Kirill Korotaev <dev at parallels.com>
>>>>>> wrote:
>>>>>>>
>>>>>>>
>>>>>>> Rene, if I got your problem correct you need just create a routing rule
>>>>>>> in the host, so that it knew where to route your IPs.
>>>>>>>
>>>>>>> Or use bridged networking with veth interface instead.
>>>>>>>
>>>>>>> Sent from my iPhone
>>>>>>>
>>>>>>> On 17.08.2013, at 13:33, "Rene C." <openvz at dokbua.com> wrote:
>>>>>>>
>>>>>>>> I have this hardware node with IP xxx.22.181.158
>>>>>>>>
>>>>>>>> Node runs Centos 6, so does all containers.
>>>>>>>>
>>>>>>>> I already have 4 containers with IP addreses on the same submit
>>>>>>>> (xxx.22.181.*) running fine.
>>>>>>>>
>>>>>>>> Problem is, now my data center gave me 3 IP addresses in a new subnet
>>>>>>>> with a separate gateway:
>>>>>>>>
>>>>>>>> IP add  : xxx.13.31.130  -  132
>>>>>>>> subnet : 255.255.255.224
>>>>>>>> gateway : xxx.13.31.129
>>>>>>>>
>>>>>>>> The only way I can make this work is by taking one of these IP
>>>>>>>> addresses and bind to the hardware node, then I can use the remaining
>>>>>>>> IP addresses with containers - but this way I lose an IP address - the
>>>>>>>> one bound to the hardware node, which seems no longer usable for
>>>>>>>> containers.
>>>>>>>>
>>>>>>>> This is a problem both because there's a limit to how many IP's the DC
>>>>>>>> will allocate to a server, and because the IP addresses are quite
>>>>>>>> costly.
>>>>>>>>
>>>>>>>> Did I misunderstand something?
>>>>>>>>
>>>>>>>> - Rene
>>>>>>>> _______________________________________________
>>>>>>>> Users mailing list
>>>>>>>> Users at openvz.org
>>>>>>>> https://lists.openvz.org/mailman/listinfo/users
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Users mailing list
>>>>>>> Users at openvz.org
>>>>>>> https://lists.openvz.org/mailman/listinfo/users
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Users mailing list
>>>>>> Users at openvz.org
>>>>>> https://lists.openvz.org/mailman/listinfo/users
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> A bientôt
>>>>> ===========================================================
>>>>> Jean-Marc Pigeon                        E-Mail: jmp at safe.ca
>>>>> SAFE Inc.                             Phone: (514) 493-4280
>>>>>   Clement, 'a kiss solution' to get rid of SPAM (at last)
>>>>>      Clement' Home base <"http://www.clement.safe.ca">
>>>>> ===========================================================
>>>>>
>>>>> _______________________________________________
>>>>> Users mailing list
>>>>> Users at openvz.org
>>>>> https://lists.openvz.org/mailman/listinfo/users
>>>>>
>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at openvz.org
>>>> https://lists.openvz.org/mailman/listinfo/users
>>>
>>>
>>> --
>>> A bientôt
>>> ===========================================================
>>> Jean-Marc Pigeon                        E-Mail: jmp at safe.ca
>>> SAFE Inc.                             Phone: (514) 493-4280
>>>   Clement, 'a kiss solution' to get rid of SPAM (at last)
>>>      Clement' Home base <"http://www.clement.safe.ca">
>>> ===========================================================
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at openvz.org
>>> https://lists.openvz.org/mailman/listinfo/users
>>>

More information about the Users mailing list