<div dir="ltr"><div><div><div>Hi,<br></div><div>I don't know very much about "ip", but...<br><br></div>Kir said:<br> ip route add xxx.13.31.128/27 dev eth0 scope link<br></div><br>not table.<br></div>from man ip:<br>
<br> scope SCOPE_VAL<br> the scope of the destinations covered by the route prefix.<br> SCOPE_VAL may be a number or a string from the file<br> /etc/iproute2/rt_scopes. If this parameter is omitted, ip<br>
assumes scope global for all gatewayed unicast routes, scope<br> link for direct unicast and broadcast routes and scope host for<br> local routes.<br><br>table TABLEID<br> the table to add this route to. TABLEID may be a number or a<br>
string from the file /etc/iproute2/rt_tables. If this parameter<br> is omitted, ip assumes the main table, with the exception of<br> local , broadcast and nat routes, which are put into the local<br>
table by default.<br><br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sat, Aug 24, 2013 at 9:50 PM, Rene C. <span dir="ltr"><<a href="mailto:openvz@dokbua.com" target="_blank">openvz@dokbua.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I know I'm probably being a PITA, but I'm still stuck with this.<br>
<br>
The problem is very simple at this time - I'm following the guide<br>
that's referred, but at the second step I get an error, and I have no<br>
idea how to proceed from here.<br>
<div class="im"><br>
# ip rule add from xxx.13.31.0/24 table 6<br>
# ip route add default dev eth0 via xxx.13.31.129 table 6<br>
RTNETLINK answers: No such process<br>
<br>
</div> Help. Please.<br>
<div class="HOEnZb"><div class="h5"><br>
<br>
On Wed, Aug 21, 2013 at 12:39 AM, Rene C. <<a href="mailto:openvz@dokbua.com">openvz@dokbua.com</a>> wrote:<br>
> Hi Kir,<br>
><br>
> Thanks for taking the time to reply!! I understand this is probably<br>
> tedious routine, but it's a blocking issue for me. Yes the provider<br>
> should probably have taken care of it, but I have the privilege of<br>
> bringing Internet to a third world country and we sometimes have to<br>
> live with what we get.<br>
><br>
> I can ping the gateway fine from the hardware node:<br>
><br>
> [root@server17 ~]# ping xxx.13.31.129<br>
> PING xxx.13.31.129 (xxx.13.31.129) 56(84) bytes of data.<br>
> 64 bytes from xxx.13.31.129: icmp_seq=1 ttl=255 time=0.337 ms<br>
> 64 bytes from xxx.13.31.129: icmp_seq=2 ttl=255 time=3.46 ms<br>
> 64 bytes from xxx.13.31.129: icmp_seq=3 ttl=255 time=2.68 ms<br>
> ...<br>
><br>
> So if I understand you correct, the only thing to do next is to set up<br>
> source routing. I tried that before and already explained that it<br>
> stops with an error:<br>
><br>
> # ip rule add from xxx.13.31.0/24 table 6<br>
> # ip route add default dev eth0 via xxx.13.31.129 table 6<br>
> RTNETLINK answers: No such process<br>
><br>
> I've got my container and one of the allocated IP's bound to it, but I<br>
> can't ping either in or out from the container.<br>
><br>
> // Rene<br>
><br>
><br>
> On Tue, Aug 20, 2013 at 11:48 PM, Kir Kolyshkin <<a href="mailto:kir@openvz.org">kir@openvz.org</a>> wrote:<br>
>> On 08/20/2013 09:13 AM, Rene C. wrote:<br>
>>><br>
>>> No takers!? Is it more complicated than I imagine? I have tried to<br>
>>> explain it as well as I can. Please let me know if there is anything<br>
>>> unclear and I'll try to clarify.<br>
>><br>
>><br>
>> As I explained earlier, you don't have to use bridging in this scenario.<br>
>><br>
>> All you need to do is to add the proper static route to your system so<br>
>> that other network is reachable from your host, that is it.<br>
>><br>
>> First, make sure that the gateway they specified is reachable from your<br>
>> host:<br>
>> ping xxx.13.31.129<br>
>><br>
>> I am assuming it is not, and you only have one network card (eth0). So, you<br>
>> need<br>
>> to tell your host that this network is actually there:<br>
>><br>
>> ip route add xxx.13.31.128/27 dev eth0 scope link<br>
>><br>
>> After that, the above ping should work.<br>
>><br>
>> Next, you should probably set up source routing for these IPs, so that<br>
>> containers in this range will use the gateway provided. Check<br>
>> <a href="http://openvz.org/Source_based_routing" target="_blank">http://openvz.org/Source_based_routing</a> for details.<br>
>><br>
>> Finally, you can set an IP for your container in a usual manner, using<br>
>> venet:<br>
>><br>
>> vzctl set NNN --ipadd xxx.13.31.130/27 --save<br>
>><br>
>> and then check that everything works (ping from inside container etc.).<br>
>><br>
>> Kir.<br>
>><br>
>> PS frankly speaking, this is what your hoster should've explained to you. If<br>
>> they do<br>
>> such extravagant setups, they should be able to help their customers setting<br>
>> those up.<br>
>><br>
>>><br>
>>> // Rene<br>
>>><br>
>>> On Sun, Aug 18, 2013 at 1:22 PM, Rene C. <<a href="mailto:openvz@dokbua.com">openvz@dokbua.com</a>> wrote:<br>
>>>><br>
>>>> ... continued<br>
>>>><br>
>>>><br>
>>>> So going the simple/obvious way of bridging the CT0 interface I try<br>
>>>> the longer route:<br>
>>>><br>
>>>> [root@server17 ~]# ifconfig veth1706.0 0<br>
>>>> [root@server17 ~]# echo 1 > /proc/sys/net/ipv4/conf/veth1706.0/forwarding<br>
>>>> [root@server17 ~]# echo 1 > /proc/sys/net/ipv4/conf/veth1706.0/proxy_arp<br>
>>>> [root@server17 ~]# echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding<br>
>>>> [root@server17 ~]# echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp<br>
>>>> [root@server17 ~]# vzctl enter 1706<br>
>>>> entered into CT 1706<br>
>>>> [root@vps1706 /]# ifconfig eth0 0<br>
>>>> [root@vps1706 /]# ip addr add xxx.13.31.131 dev eth0<br>
>>>> [root@vps1706 /]# route add default dev eth0<br>
>>>> [root@vps1706 /]# logout<br>
>>>> exited from CT 1706<br>
>>>> [root@server17 ~]# ip route add xxx dev veth1706.0<br>
>>>> RTNETLINK answers: File exists<br>
>>>><br>
>>>><br>
>>>> To recap the problem:<br>
>>>><br>
>>>> I have this hardware node with IP xxx.22.181.158<br>
>>>><br>
>>>> Node runs Centos 6, so does all containers.<br>
>>>><br>
>>>> I already have 4 containers with IP addresses on the same subnet<br>
>>>> (xxx.22.181.*) running fine.<br>
>>>><br>
>>>> Problem is, now my data center gave me 3 IP addresses in a new subnet<br>
>>>> with a separate gateway:<br>
>>>><br>
>>>> IP add : xxx.13.31.130 - 132<br>
>>>> subnet : 255.255.255.224<br>
>>>> gateway : xxx.13.31.129<br>
>>>><br>
>>>> How can I make this work. Please be specific. I don't mind reading and<br>
>>>> learning, but the learning curve at this stage is too high, I'm not<br>
>>>> getting anywhere. Thanks.<br>
>>>><br>
>>>><br>
>>>><br>
>>>><br>
>>>> On Sun, Aug 18, 2013 at 12:28 PM, Rene C. <<a href="mailto:openvz@dokbua.com">openvz@dokbua.com</a>> wrote:<br>
>>>>><br>
>>>>> I'm sorry but networking is obviously not one of my strong areas and<br>
>>>>> for all the good intentions, all the buzzwords confuse me more than<br>
>>>>> they help me.<br>
>>>>><br>
>>>>> I had a look at <a href="http://openvz.org/Virtual_Ethernet_device" target="_blank">http://openvz.org/Virtual_Ethernet_device</a>, and it<br>
>>>>> gives detailed information about a number of scenarios, for example<br>
>>>>> "Simple configuration with virtual Ethernet devices" and then proceeds<br>
>>>>> with 50 steps to set it up. (Ok I exaggerate but you get my drift). I<br>
>>>>> think my requirement is very very simple, like I explained before, my<br>
>>>>> DC gave me a bunch of IP addresses on a new subnet requiring a<br>
>>>>> different gateway for it to work.<br>
>>>>><br>
>>>>> I tried.<br>
>>>>><br>
>>>>> Ok so I start at the "imple configuration with virtual Ethernet<br>
>>>>> device", with the vzctl start and set commands listed. Then it says<br>
>>>>> "The following steps are needed when the CT is not bridged to a CT0<br>
>>>>> network interface.". Ok, I guess I should make the "CT bridged to a<br>
>>>>> CT0 network inteface" then... but how? There's a section<br>
>>>>> "Independent Virtual Ethernet communication through the bridge". It<br>
>>>>> starts with "create bridge device", starting with "brctl addbr vzbr0".<br>
>>>>> Ok, I try that...<br>
>>>>><br>
>>>>> # brctl addbr vzbr0<br>
>>>>> -bash: brctl: command not found<br>
>>>>><br>
>>>>> Now what?<br>
>>>>><br>
>>>>> I just need to set this up. Not how to enable a VPN tunnel or multiple<br>
>>>>> 192.168 networks. I'm sure someone in the know could tell me this is<br>
>>>>> a matter of two lines instead of this information overload.<br>
>>>>><br>
>>>>> Thanks!<br>
>>>>><br>
>>>>><br>
>>>>><br>
>>>>> On Sun, Aug 18, 2013 at 3:36 AM, Jean-Marc Pigeon <<a href="mailto:jmp@safe.ca">jmp@safe.ca</a>> wrote:<br>
>>>>>><br>
>>>>>> Bonjour Rene C.<br>
>>>>>><br>
>>>>>> My understanding you want to route VPS IP not related to host IP.<br>
>>>>>> Just to tell you we have such config.<br>
>>>>>> Using veth within the VPS and the host with Bridge interface.<br>
>>>>>> Our config is working IP double stack (IPV4 + IPV6).<br>
>>>>>><br>
>>>>>> The VPS eth0 interface is a very straightforward one.<br>
>>>>>> VPS ifcfg-eth0<br>
>>>>>> DEVICE=eth0<br>
>>>>>> BOOTPROTO=static<br>
>>>>>> ONBOOT=yes<br>
>>>>>> IPADDR=X.Y.Z.T<br>
>>>>>> NETMASK=255.255.255.255<br>
>>>>>> IPV6INIT=yes<br>
>>>>>> IPV6ADDR=XX:YY.......ZZ:TT<br>
>>>>>><br>
>>>>>> Keyword are veth, IPV4 Routing, Bridge.<br>
>>>>>> <a href="http://openvz.org/Virtual_Ethernet_device" target="_blank">http://openvz.org/Virtual_Ethernet_device</a><br>
>>>>>> seems to me a good starting point.<br>
>>>>>><br>
>>>>>><br>
>>>>>> Quoting "Rene C." <<a href="mailto:openvz@dokbua.com">openvz@dokbua.com</a>>:<br>
>>>>>><br>
>>>>>>> Thanks Jean-Marc, I don't think this is what I need though - I don't<br>
>>>>>>> have any bridge interfaces anywhere, and frankly don't quite see how<br>
>>>>>>> it fits into the server. There's only a ifcfg-eth0 file.<br>
>>>>>>><br>
>>>>>>> I had a look at this page -<br>
>>>>>>> <a href="http://wiki.openvz.org/Source_based_routing" target="_blank">http://wiki.openvz.org/Source_based_routing</a> - am I on the right track?<br>
>>>>>>><br>
>>>>>>> I tried some of the commands but it threw an error early on so I have<br>
>>>>>>> a feeling I'm not.<br>
>>>>>>><br>
>>>>>>> # ip rule add from xxx.13.31.0/24 table 6<br>
>>>>>>> # ip route add default dev eth0 via xxx.13.31.129 table 6<br>
>>>>>>> RTNETLINK answers: No such process<br>
>>>>>>><br>
>>>>>>><br>
>>>>>>><br>
>>>>>>> On Sat, Aug 17, 2013 at 10:28 PM, Jean-Marc Pigeon <<a href="mailto:jmp@safe.ca">jmp@safe.ca</a>><br>
>>>>>>> wrote:<br>
>>>>>>>><br>
>>>>>>>> Bonjour Rene C,<br>
>>>>>>>><br>
>>>>>>>> My config:<br>
>>>>>>>><br>
>>>>>>>> ifcfg-br0<br>
>>>>>>>> #definition Bridge interface<br>
>>>>>>>> DEVICE=br0<br>
>>>>>>>> ONBOOT=yes<br>
>>>>>>>> TYPE=Bridge<br>
>>>>>>>> BOOTPROTO=static<br>
>>>>>>>> IPADDR=HOST IP number<br>
>>>>>>>> NETMASK=255.255.255.224 #(My HOST SUBNET MASK)<br>
>>>>>>>> IPV6INIT=yes<br>
>>>>>>>> IPV6ADDR=PP:XX:.....YY:ZZ<br>
>>>>>>>><br>
>>>>>>>> ifcfg-br0:brgd<br>
>>>>>>>> DEVICE=br0:brgd<br>
>>>>>>>> ONBOOT=yes<br>
>>>>>>>> TYPE=Bridge<br>
>>>>>>>> BOOTPROTO=static<br>
>>>>>>>> IPADDR=192.0.2.1<br>
>>>>>>>> NETMASK=255.255.255.255<br>
>>>>>>>> #to avoid checking for already set IP<br>
>>>>>>>> ARPCHECK=no<br>
>>>>>>>><br>
>>>>>>>> I am using Quagga(RIP) to transparently route (and displace) VPS IP<br>
>>>>>>>> among<br>
>>>>>>>> HOST<br>
>>>>>>>> such the VPS can be "somewhere" within Hardware cloud. (then VPS<br>
>>>>>>>> can be set with an IP unrelated to HOST).<br>
>>>>>>>><br>
>>>>>>>> Hoping that help.<br>
>>>>>>>> Contact me privately if I can help.<br>
>>>>>>>><br>
>>>>>>>> Quoting "Rene C." <<a href="mailto:openvz@dokbua.com">openvz@dokbua.com</a>>:<br>
>>>>>>>><br>
>>>>>>>>> Kirill, do you know of a page where this procedure is documented?<br>
>>>>>>>>> Thanks!<br>
>>>>>>>>><br>
>>>>>>>>> On Sat, Aug 17, 2013 at 4:54 PM, Kirill Korotaev <<a href="mailto:dev@parallels.com">dev@parallels.com</a>><br>
>>>>>>>>> wrote:<br>
>>>>>>>>>><br>
>>>>>>>>>><br>
>>>>>>>>>> Rene, if I got your problem correct you need just create a routing<br>
>>>>>>>>>> rule<br>
>>>>>>>>>> in the host, so that it knew where to route your IPs.<br>
>>>>>>>>>><br>
>>>>>>>>>> Or use bridged networking with veth interface instead.<br>
>>>>>>>>>><br>
>>>>>>>>>> Sent from my iPhone<br>
>>>>>>>>>><br>
>>>>>>>>>> On 17.08.2013, at 13:33, "Rene C." <<a href="mailto:openvz@dokbua.com">openvz@dokbua.com</a>> wrote:<br>
>>>>>>>>>><br>
>>>>>>>>>>> I have this hardware node with IP xxx.22.181.158<br>
>>>>>>>>>>><br>
>>>>>>>>>>> Node runs Centos 6, so does all containers.<br>
>>>>>>>>>>><br>
>>>>>>>>>>> I already have 4 containers with IP addreses on the same submit<br>
>>>>>>>>>>> (xxx.22.181.*) running fine.<br>
>>>>>>>>>>><br>
>>>>>>>>>>> Problem is, now my data center gave me 3 IP addresses in a new<br>
>>>>>>>>>>> subnet<br>
>>>>>>>>>>> with a separate gateway:<br>
>>>>>>>>>>><br>
>>>>>>>>>>> IP add : xxx.13.31.130 - 132<br>
>>>>>>>>>>> subnet : 255.255.255.224<br>
>>>>>>>>>>> gateway : xxx.13.31.129<br>
>>>>>>>>>>><br>
>>>>>>>>>>> The only way I can make this work is by taking one of these IP<br>
>>>>>>>>>>> addresses and bind to the hardware node, then I can use the<br>
>>>>>>>>>>> remaining<br>
>>>>>>>>>>> IP addresses with containers - but this way I lose an IP address -<br>
>>>>>>>>>>> the<br>
>>>>>>>>>>> one bound to the hardware node, which seems no longer usable for<br>
>>>>>>>>>>> containers.<br>
>>>>>>>>>>><br>
>>>>>>>>>>> This is a problem both because there's a limit to how many IP's<br>
>>>>>>>>>>> the DC<br>
>>>>>>>>>>> will allocate to a server, and because the IP addresses are quite<br>
>>>>>>>>>>> costly.<br>
>>>>>>>>>>><br>
>>>>>>>>>>> Did I misunderstand something?<br>
>>>>>>>>>>><br>
>><br>
>> _______________________________________________<br>
>> Users mailing list<br>
>> <a href="mailto:Users@openvz.org">Users@openvz.org</a><br>
>> <a href="https://lists.openvz.org/mailman/listinfo/users" target="_blank">https://lists.openvz.org/mailman/listinfo/users</a><br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@openvz.org">Users@openvz.org</a><br>
<a href="https://lists.openvz.org/mailman/listinfo/users" target="_blank">https://lists.openvz.org/mailman/listinfo/users</a><br>
</div></div></blockquote></div><br></div>