[Users] OpenVZ on EL6 - weird network issue

Hristo Benev foxb at abv.bg
Sat Dec 27 15:12:22 PST 2014 

>-------- Оригинално писмо --------

 >От: Michael Stauber mstauber at blueonyx.it

 >Относно: Re: [Users] OpenVZ on EL6 - weird network issue

 >До: OpenVZ users <users at openvz.org>

 >Изпратено на: Неделя, 2014, Декември 28 00:18:17 EET



 
> Hi Pavel,
 
> 
 
> > Did you tried open-v-switch instead standard Linux bridges?
 
> 
 
> I actually wasn't aware of that one before you mentioned it.
 
> 
 
> I'm just starting to read the docs and specs of it and it looks indeed
 
> very interesting.
 
> 
 
> Do you by chance have any specific pointers or docs how to set it up for
 
> usage with OpenVZ? I'm willing to give it a shot, but with these client
 
> systems I can't afford much in the way of experimenting. Taking the
 
> bridge stack apart and replacing it with something else might be a
 
> little too extreme, but I'll consider it as last resort. In any case I'd
 
> like to avoid the usual beginner mistakes one could make when switching
 
> to open-v-switch, so any tips and hints (or URLs to reading material)
 
> would be appreciated.
 
> 
 
> As for Scott's suggestion with a cronjob with arp-seeds:
 
> 
 
> I did some digging and the network related shell scripts of OpenVZ are
 
> quite enlightening there:
 
> 
 
> /etc/sysconfig/network-scripts/ifup-venet
 
> /usr/libexec/vzctl/scripts/vps-functions
 
> 
 
> It appears that if I set up a cronjob that periodically runs ...
 
> 
 
> /etc/sysconfig/network-scripts/ifup-venet
 
> /etc/sysconfig/network-scripts/ifcfg-br0
 
> 
 
> ... then it'll handle the arp-seeds as well via the function vzarp() as
 
> provided by /usr/libexec/vzctl/scripts/vps-functions.
 
> 
 
> I tried it on a test box and it didn't appear to have any negative
 
> impact. Some debugging lines thrown in by me also showed me the exact
 
> commands that these scripts use to do the arp-seeds. I can work with that.
 
> 
 
> I'll implement that on the three affected nodes and will see if it helps.
 
> 
 
> -- 
 
> 
With best regards
 
> 
 
> Michael Stauber
 
> _______________________________________________
 
> Users mailing list
 
> Users at openvz.org
 
> https://lists.openvz.org/mailman/listinfo/users


>From what you are experiencing I'll check ARP on the switch...

If I understood correctly you firewall cannot reach the nodes (cannot be reached from outside...) - can you ssh to them from FW?

Good luck...

More information about the Users mailing list