[Users] Virtuozzo 7 bridged network

Maxim Perevedentsev mperevedentsev at virtuozzo.com
Fri Apr 8 04:31:04 PDT 2016


Hello!

In this message I will try to explain the situation with bridged and 
host-only networks
and bridges and VLANs and bonding in OpenVZ/Virtuozzo.

It also covers the issues mentioned (and worked around) in

https://lists.openvz.org/pipermail/users/2016-February/006788.html

(I will refer to this message as [6788])

So, here we talk about bridged and host-only networks.

=================

The host-only network is intended to connect only vm/ct interfaces, so
it does not have to be connected to a host network adapter.
To create it, it is necessary to have just a bridge. But in current 
implementation
of OpenVZ and libvirt, you need an adapter for the bridge to be used.

A host-only network is created by
 > prlsrvctl net add XXX

So on creation of host-only bridge (named *virbrN*) the virtual 
interface virbrN-nic
is created and connected to bridge. So the name of interface one may 
provide on
 > prlsrvctl net add XXX -i <interface>
is *ignored*. Thus it is impossible to create a host-only network over 
specific
user-defined bridge using prlsrvctl (as in question referenced by [6788]).

There are two possibilities to achieve the effect you need:
1) Proposed in [6788]: create a host-only network without specifying 
interface,
and then change bridge name in libvirt config.

2) Create a fake interface (e.g. tun/tap) and connect it to a bridge
(in fact, virbrN-nic is a tun device itself).
Then you will be able to create a *bridged* network over this bridge using
 > prlsrvctl net add XXX -i tun1 -t bridged
The tun device may be down, bridge (if up) will work, connecting the 
vm/ct interfaces.

=================

The bridged network is intended to connect vm/ct interfaces to a host 
network adapter.
So you can provide an interface name, and OpenVZ will try to find a bridge
connected to this interface, and create a network over it
(the interface does not have to be a physical one; that was used in 
previous section).

=================

The problem mentioned in message being replied is related to a bug in 
OpenVZ,
and must not reproduce now (prl-disp-service-7.0.321+).

An important notice about networks over vlan/bond interfaces is that 
interfaces
must be carefully configured (e.g. in ifcfg-* scripts).
Libvirt usually gathers information about these interfaces using a 
library called /netcf
/(package /netcf-libs/ in my distro). So if you face some issues with 
bridged networks over
vlan/bond interfaces, and you have /libnetcf.so.* /installed, you should 
check if
 > ncftool dumpxml <bridge>            (may require installing /netcf/ 
package)
outputs correct configuration (mentions vlan/bond, not just ethernet).
If not, you should probably fix your configs.


> Hello.
>
> Previously we used something like
> NETIF="ifname=eth0,bridge=br100,mac=E2:18:28:65:35:AA,host_ifname=veth118.0,host_mac=00:18:51:89:A9:D7"
> to configure bridged networks for containers.
> Now this evidently doesn't work.
>
> I've tried to follow Virtuozzo 7 documentation (where bond0.100 is
> interface for vlan 100 over bond0).
>
> # prlsrvctl net add vlan100 -t bridged -i bond0.100
> Failed to add Virtual Network vlan100: Operation failed. Failed to
> execute the operation.
>
> What am I doing wrong? How am I supposed to configure bridged network
> for container?
>
> I've tried to follow
> https://lists.openvz.org/pipermail/users/2016-February/006788.html, but
> it doesn't work for me, prlsrvctl net list doesn't see the network after
> modification.

-- 
Your sincerely,
Maxim Perevedentsev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openvz.org/pipermail/users/attachments/20160408/f3b0c7b9/attachment.html>


More information about the Users mailing list