[Users] OpenVZ 7 venet/source based routing

Peter Teunissen oneman at onemanifest.net
Sun Dec 31 16:28:02 MSK 2017


I've got such a setup and it works just fine using veth and vbridges. I setup a bridge on each physical NIC and explicitly add a CT to a bridge. The only thing I noticed that (at least on a debian CT0) I had to add an IP4 for the CT0 on each NIC in order to get dual stack working.


Peter





> On 28 Dec 2017, at 20:59, Axton <axton.grams at gmail.com> wrote:
> 
> I have a HN with a presence on a series of networks:
> vlan2, vlan3, vlan4, etc.
> 
> The HN only has an IP address allocated to one of the interfaces, a management network.
> 
> Is it possible to assign IP addresses to CT on a network where the HN does not have an IP address?
> 
> Example:
> 
> HN:
> vmbr10 10.0.10.0/24 <http://10.0.10.0/24>, gw 10.0.10.1 <http://10.0.10.1/>: no ip assigned, server vlan
> vmbr20 10.0.20.0/24 <http://10.0.20.0/24>, gw 10.0.20.1 <http://10.0.20.1/>: ip assigned, 10.0.20.100, management network
> vmbr30 10.0.30.0/24 <http://10.0.30.0/24>, gw 10.0.30.1 <http://10.0.30.1/>: no ip assigned, dmz
> 
> CT1:
> venet0 with IP in dmz, 10.0.30.10
> 
> CT2:
> venet0 with IP in server, 10.0.10.45
> 
> Everything works if I assign an IP to the CT on the network where the HN has an IP address.
> 
> I tried to setup source based routing on the HN for the interfaces where the HN does not have an IP address, but I get an error:
> 
> # ip rule add from 10.0.30.0/24 <http://10.0.30.0/24> lookup dmz
> # ip route add throw 10.0.30.0/24 <http://10.0.30.0/24> table dmz
> # ip route add default via 10.0.30.1 dev vmbr30 table dmz
> RTNETLINK answers: Network is unreachable
> 
> Not sure if this is possible, looking for insight.
> 
> Thanks,
> Axton
> _______________________________________________
> Users mailing list
> Users at openvz.org
> https://lists.openvz.org/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openvz.org/pipermail/users/attachments/20171231/9bd04ad3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.openvz.org/pipermail/users/attachments/20171231/9bd04ad3/attachment.sig>


More information about the Users mailing list