[Users] vlan and bridge network interface in openVZ/virtuozzo 7

Jehan Procaccia jehan.procaccia at tem-tsp.eu
Mon Oct 10 12:24:36 PDT 2016 

Indeed !
that was that last setting missing:

prlctl set MyCT11 --ifname eth0 --network vlan11

now vlans works fine
Just note that I had to add NM_CONTROLLED="no" to all mi ifcfg-xxx 
definition files, otherwise network restart failed to start them

regards .



Le 10/10/2016 09:12, Vasily Averin a écrit :
> Dear Jehan,
>
> Virtuozzo 7 have nice documentaion on docs.virtuozzo.com
>
> http://docs.virtuozzo.com/virtuozzo_7_users_guide/managing-network/configuring-virtual-machines-and-containers-in-bridged-mode.html?highlight=bridge
>
> in your case you need to bind container interface to newly-created bridge by using follwing command:
>
> prlctl set MyCT11 --ifname eth0 --network vlan11
>
> Thank you,
> 	Vasily Averin
>
> On 09.10.2016 22:37, Jehan Procaccia wrote:
>> I found a method to configure bridge and vlan based on RHEL docs :
>> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/sec-Network_Bridging_Using_the_Command_Line_Interface.html
>>
>> in order not to mess with current config automatically configured by virtuozzo7 installer on em1 and em2 with repective bridges br0 en br1, I plugged a 3rd interface on the server (fiber) p2p2 :
>>
>> [network-scripts]# cat ifcfg-p2p2
>> TYPE=Ethernet
>> BOOTPROTO=none
>> NAME=p2p2
>> UUID=9188d131-21b1-4ee9-8205-c893b4a4fc44
>> DEVICE=p2p2
>> ONBOOT=yes
>>
>> then the associated subinterface for vlan11 as described in RHEL7 doc
>>
>> # cat ifcfg-p2p2*.11*
>> DEVICE=p2p2.11
>> BOOTPROTO=none
>> ONBOOT=yes
>> VLAN=yes
>> BRIDGE="br11"
>>
>> and finally the bridge for that vlan
>>
>> # cat ifcfg-br11
>> DEVICE="br11"
>> NAME="p2p2.11"
>> ONBOOT=yes
>> NETBOOT=yes
>> IPV6INIT=yes
>> BOOTPROTO=dhcp
>> TYPE="Bridge"
>> DELAY="2"
>> STP="off"
>>
>> # ip -d link show p2p2.11
>> 41: p2p2.11 at p2p2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br11 state UP mode DEFAULT
>>      link/ether f4:e9:d4:91:c4:33 brd ff:ff:ff:ff:ff:ff promiscuity 1
>>      vlan protocol 802.1Q id 11 <REORDER_HDR> addrgenmode none
>>
>> # ip -d link show br11
>> 42: br11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT
>>      link/ether f4:e9:d4:91:c4:33 brd ff:ff:ff:ff:ff:ff promiscuity 0
>>      bridge addrgenmode none
>>
>>
>> Now I can add my virtual network attached to the p2p2.11 interface (or should I have chosed  br11 !?)
>>
>> #  prlsrvctl net add vlan11 --type bridged --ifname p2p2.11
>> # prlsrvctl net list
>> Network ID        Type      Bound To       Bridge         Slave interfaces
>> Bridged           bridged   em2            br1
>> Host-Only         host-only                virbr0
>> vlan11            bridged   p2p2.11        br11
>>
>> # brctl show
>> bridge name    bridge id        STP enabled    interfaces
>> br0        8000.14187769840a    yes        em1
>> br1        8000.14187769840b    no        em2
>> br11        8000.f4e9d495c432    no        p2p2.11
>> host-routed        8000.000000000000    no
>> virbr0        8000.52540064dd31    no        virbr0-nic
>>
>> create a container MyCT11
>> # prlctl create MyCT11 --vmtype ct
>> ...
>> Processing metadata for centos-7-x86_64
>> ...The Container has been successfully created.
>>
>> now I add an interface to my CT so that it will be in vlan11
>>
>> # prlctl set MyCT11 --netif_add eth0
>> # prlctl set MyCT11 --ifname eth0 --ipadd 192.168.11.10/24
>> # prlctl set MyCT11 --ifname eth0 --gw 192.168.11.1
>>
>> entering the CT an pinging the gateway unfortunatly fails
>>
>> CT-bad098d8 /# ping 192.168.11.1
>> PING 192.168.11.1 (192.168.11.1) 56(84) bytes of data.
>> ^C
>> --- 192.168.11.1 ping statistics ---
>> 3 packets transmitted, 0 received, 100% packet loss, time 1999ms
>>
>>
>> the pb seems that that new CT seems to be attached to an other bridge
>>
>> # prlsrvctl net list
>> Network ID        Type      Bound To       Bridge         Slave interfaces
>> Bridged           bridged   em2            *br1     *      *veth4250fe85   *
>> Host-Only         host-only                virbr0
>> vlan11            bridged   p2p2.11        br11
>>
>> not to vlan11 network on br11
>>
>> I guess I missed something , where did I went wrong ?
>> anyone has a full scenario to enable vlan through bridge mode in CT (and VM) ?
>>
>> regards .
>>
>> http://docs.virtuozzo.com/virtuozzo_7_users_guide/managing-network/configuring-virtual-machines-and-containers-in-bridged-mode.html
>>
>> Le 07/10/2016 19:22, Jehan Procaccia a écrit :
>>> hello
>>>
>>> based on  https://docs.openvz.org/openvz_users_guide.webhelp/_configuring_virtual_machines_and_containers_in_bridged_mode.html
>>> it is not clear to me how to create virtual networks associated to  vlans ?
>>>
>>> On a fresly installed Virtuozzo Linux release 7.2 (3515) on a host with 2 activated interfaces (em1 and em2) in trunk mode (cisco terminology switchport trunk, allowed vlan 10,11,12, native 10) I cannot find out how to create networks dedicated to a vlan
>>>
>>> I tried :
>>> # prlsrvctl net add vlan11 --type bridged --ifname em2
>>> Failed to add Virtual Network vlan11: This network adapter is already in use. Please select another network adapter and try again.
>>>
>>> I suspect that because em2 is already bridge to br1, it cannot be bridged anymore ?
>>>
>>> Or should I create a /etc/sysconfig/network-scripts/ifcfg-em2.11 to have a interface dedicated to vlan11 :
>>> # cat ifcfg-em2.11
>>> DEVICE=em2.11
>>> ONBOOT=yes
>>> TYPE=Ethernet
>>> BOOTPROTO=none
>>> VLAN=yes
>>>
>>> an then try to: /prlsrvctl net add vlan11 --type bridged --ifname em2.11/ ?
>>> unfortunatly after /systemctl restart network/ , system complains with :
>>>
>>> Bringing up interface em2.11:  Error: Connection activation failed: No suitable device found for this connection.
>>>
>>> as anymone succeed in configuring CT and VM attached to vlan (in bridge mode as I want full feature network with multicast/broacast) ?
>>>
>>> Thanks .
>>>
>>> PS : few more information of the actual network config on the system :
>>>
>>> # ip addr | grep LOWER_UP
>>> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
>>> 2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP qlen 1000
>>> 3: em2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br1 state UP qlen 1000
>>> 8: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
>>> 22: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
>>> 23: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
>>>
>>> # prlsrvctl net list
>>> Network ID        Type      Bound To       Bridge         Slave interfaces
>>> Bridged           bridged   em2            br1
>>> Host-Only         host-only                virbr0
>>>
>>> it strange that em1 and br0 doesn't show up here !?
>>>
>>> # brctl show
>>> bridge name    bridge id        STP enabled    interfaces
>>> br0        8000.14187769840a    no        em1
>>> br1        8000.14187769840b    no        em2
>>> host-routed        8000.000000000000    no
>>> virbr0        8000.52540064dd31    no        virbr0-nic
>>> virbr2        8000.52540085818e    no        virbr2-nic
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at openvz.org
>>> https://lists.openvz.org/mailman/listinfo/users
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at openvz.org
>> https://lists.openvz.org/mailman/listinfo/users
>>

More information about the Users mailing list