[Users] Virtuozzo 7 bridged network
Maxim Perevedentsev
mperevedentsev at virtuozzo.com
Fri Apr 8 04:31:04 PDT 2016
Hello!
In this message I will try to explain the situation with bridged and
host-only networks
and bridges and VLANs and bonding in OpenVZ/Virtuozzo.
It also covers the issues mentioned (and worked around) in
https://lists.openvz.org/pipermail/users/2016-February/006788.html
(I will refer to this message as [6788])
So, here we talk about bridged and host-only networks.
=================
The host-only network is intended to connect only vm/ct interfaces, so
it does not have to be connected to a host network adapter.
To create it, it is necessary to have just a bridge. But in current
implementation
of OpenVZ and libvirt, you need an adapter for the bridge to be used.
A host-only network is created by
> prlsrvctl net add XXX
So on creation of host-only bridge (named *virbrN*) the virtual
interface virbrN-nic
is created and connected to bridge. So the name of interface one may
provide on
> prlsrvctl net add XXX -i <interface>
is *ignored*. Thus it is impossible to create a host-only network over
specific
user-defined bridge using prlsrvctl (as in question referenced by [6788]).
There are two possibilities to achieve the effect you need:
1) Proposed in [6788]: create a host-only network without specifying
interface,
and then change bridge name in libvirt config.
2) Create a fake interface (e.g. tun/tap) and connect it to a bridge
(in fact, virbrN-nic is a tun device itself).
Then you will be able to create a *bridged* network over this bridge using
> prlsrvctl net add XXX -i tun1 -t bridged
The tun device may be down, bridge (if up) will work, connecting the
vm/ct interfaces.
=================
The bridged network is intended to connect vm/ct interfaces to a host
network adapter.
So you can provide an interface name, and OpenVZ will try to find a bridge
connected to this interface, and create a network over it
(the interface does not have to be a physical one; that was used in
previous section).
=================
The problem mentioned in message being replied is related to a bug in
OpenVZ,
and must not reproduce now (prl-disp-service-7.0.321+).
An important notice about networks over vlan/bond interfaces is that
interfaces
must be carefully configured (e.g. in ifcfg-* scripts).
Libvirt usually gathers information about these interfaces using a
library called /netcf
/(package /netcf-libs/ in my distro). So if you face some issues with
bridged networks over
vlan/bond interfaces, and you have /libnetcf.so.* /installed, you should
check if
> ncftool dumpxml <bridge> (may require installing /netcf/
package)
outputs correct configuration (mentions vlan/bond, not just ethernet).
If not, you should probably fix your configs.
> Hello.
>
> Previously we used something like
> NETIF="ifname=eth0,bridge=br100,mac=E2:18:28:65:35:AA,host_ifname=veth118.0,host_mac=00:18:51:89:A9:D7"
> to configure bridged networks for containers.
> Now this evidently doesn't work.
>
> I've tried to follow Virtuozzo 7 documentation (where bond0.100 is
> interface for vlan 100 over bond0).
>
> # prlsrvctl net add vlan100 -t bridged -i bond0.100
> Failed to add Virtual Network vlan100: Operation failed. Failed to
> execute the operation.
>
> What am I doing wrong? How am I supposed to configure bridged network
> for container?
>
> I've tried to follow
> https://lists.openvz.org/pipermail/users/2016-February/006788.html, but
> it doesn't work for me, prlsrvctl net list doesn't see the network after
> modification.
--
Your sincerely,
Maxim Perevedentsev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openvz.org/pipermail/users/attachments/20160408/f3b0c7b9/attachment.html>
More information about the Users
mailing list