<div dir="ltr">I approached this a little differently. I use the following to add a veth interface to a CT:<div><br></div><div>vzctl set CTID --netif_add eth40,,vethCTID.40,,vmbr40 --save<br></div><div><br></div><div>Where:</div>
<div> a) eth40 is the name of the interface created in the CT</div><div> b) vethCTID.40 is the veth interface create on the HE (CTID is replaced with the ID of the CT when the command is run)</div><div> c) vmbr40 is the existing interface on the HE with which to bridge</div>
<div><br></div><div>I have this patch applied to /usr/sbin/vznetaddbr; it causes vz actions (start/stop/etc) to retain the MAC of of the bridge interface (c) regardless of the MAC assigned to any given CT:</div><div><br></div>
<div><div>root@cluster-01:/usr/sbin# diff -ub vznetaddbr.orig vznetaddbr</div><div>--- vznetaddbr.orig 2014-02-28 12:26:02.880160551 -0600</div><div>+++ vznetaddbr 2014-02-25 10:41:47.691044968 -0600</div><div>@@ -29,6 +29,9 @@</div>
<div> [ -n "$bridge" ] ||</div><div> bridge=vmbr0</div><div><br></div><div>+ # Get the current mac address for the interface</div><div>+ brmac=`cat /sys/class/net/$bridge/address`</div><div>+</div>
<div> echo "Adding interface $host_ifname to bridge $bridge on CT0 for CT$VEID"</div><div> ip link set dev "$host_ifname" up</div><div> ip addr add <a href="http://0.0.0.0/0">0.0.0.0/0</a> dev "$host_ifname"</div>
<div>@@ -36,6 +39,9 @@</div><div> echo 1 >"/proc/sys/net/ipv4/conf/$host_ifname/forwarding"</div><div> brctl addif "$bridge" "$host_ifname"</div><div><br></div><div>+ # Retain the bridge's existing MAC address when the veth interfaces are added to the bridge</div>
<div>+ ip link set dev $bridge address $brmac</div><div>+</div><div> break</div><div> done</div></div><div><br></div><div><br></div><div>My interfaces end up looking like this:</div><div><br></div><div>-- physical interface (connected to a trunk port on the switch)</div>
<div><div>root@cluster-01:/usr/sbin# ifconfig -a eth1</div><div>eth1 Link encap:Ethernet HWaddr 00:25:90:61:b7:a3</div><div> inet6 addr: fe80::225:90ff:fe61:b7a3/64 Scope:Link</div><div> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1</div>
<div> RX packets:2557986 errors:0 dropped:0 overruns:0 frame:0</div><div> TX packets:3034979 errors:0 dropped:0 overruns:0 carrier:0</div><div> collisions:0 txqueuelen:1000</div><div> RX bytes:2005381887 (1.8 GiB) TX bytes:2248600912 (2.0 GiB)</div>
<div> Interrupt:17 Memory:feae0000-feb00000</div></div><div><br></div><div>-- vlan interface (vlan 40)</div><div><div>root@cluster-01:/usr/sbin# ifconfig -a eth1.40</div><div>eth1.40 Link encap:Ethernet HWaddr 00:25:90:61:b7:a3</div>
<div> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1</div><div> RX packets:112382 errors:0 dropped:0 overruns:0 frame:0</div><div> TX packets:44170 errors:0 dropped:0 overruns:0 carrier:0</div>
<div> collisions:0 txqueuelen:0</div><div> RX bytes:11706639 (11.1 MiB) TX bytes:218350867 (208.2 MiB)</div></div><div><br></div><div>(bridge to the vlan interface)</div><div><div>root@cluster-01:/usr/sbin# ifconfig veth2000.40</div>
<div>veth2000.40 Link encap:Ethernet HWaddr 00:18:51:17:55:76</div><div> inet6 addr: fe80::218:51ff:fe17:5576/64 Scope:Link</div><div> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1</div><div> RX packets:754 errors:0 dropped:0 overruns:0 frame:0</div>
<div> TX packets:58455 errors:0 dropped:17 overruns:0 carrier:0</div><div> collisions:0 txqueuelen:0</div><div> RX bytes:143467 (140.1 KiB) TX bytes:5739453 (5.4 MiB)</div></div><div><br></div>
<div>(bridged to the bridge if)</div><div><div>veth1000.40 Link encap:Ethernet HWaddr 00:18:51:c2:a6:97</div><div> inet6 addr: fe80::218:51ff:fec2:a697/64 Scope:Link</div><div> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1</div>
<div> RX packets:15045 errors:0 dropped:0 overruns:0 frame:0</div><div> TX packets:71670 errors:0 dropped:12 overruns:0 carrier:0</div><div> collisions:0 txqueuelen:0</div><div> RX bytes:1236221 (1.1 MiB) TX bytes:8757252 (8.3 MiB)</div>
</div><div><br></div><div>...etc</div><div><br></div><div><br></div><div>My CTs are configured like this (other interfaces removed), so you can see where the macs come from:<br></div><div>root@cluster-01:/usr/sbin# grep veth /etc/vz/conf/*.conf<br>
</div><div><div>/etc/vz/conf/1000.conf:NETIF="ifname=eth4,bridge=vmbr40,mac=00:18:51:08:CB:0B,host_ifname=veth1000.40,host_mac=00:18:51:C2:A6:97"</div><div>/etc/vz/conf/2000.conf:NETIF="ifname=eth4,bridge=vmbr40,mac=00:18:51:49:E4:D7,host_ifname=veth2000.40,host_mac=00:18:51:17:55:76"</div>
<div>/etc/vz/conf/3000.conf:NETIF="ifname=eth4,bridge=vmbr40,mac=00:18:51:5B:7A:6C,host_ifname=veth3000.40,host_mac=00:18:51:28:C0:2D"</div></div><div><br></div><div><br></div><div><div>And my bridges end up looking like this:</div>
<div><div>root@cluster-01:/usr/sbin# brctl showmacs vmbr40</div><div>port no mac addr is local? ageing timer</div><div> 2 00:18:51:08:cb:0b no 37.05</div><div> 3 00:18:51:17:55:76 yes 0.00</div>
<div> 3 00:18:51:49:e4:d7 no 298.06</div><div> 2 00:18:51:c2:a6:97 yes 0.00</div><div> 1 00:25:90:09:9b:81 no 2.54</div><div> 1 00:25:90:61:74:53 no 87.79</div>
<div> 1 00:25:90:61:b7:a3 yes 0.00</div><div> 1 ac:22:0b:51:32:de no 0.00</div></div></div><div><br></div><div><br></div><div>With this configuration I never have issues with network traffic disruptions at the CT or HE.</div>
<div><br></div><div>Axton Grams</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Feb 28, 2014 at 11:11 AM, Matt <span dir="ltr"><<a href="mailto:matt.mailinglists@gmail.com" target="_blank">matt.mailinglists@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I installed OpenVZ following this guide.<br>
<br>
<a href="http://openvz.org/Quick_Installation_CentOS_6" target="_blank">http://openvz.org/Quick_Installation_CentOS_6</a><br>
<br>
I know its not an official guide but I need bridged containers.<br>
Installing Directadmin on them and they need control over there<br>
interfaces to add and remove IP addresses.<br>
<br>
>>Create a CT<br>
<br>
>># vzctl create 102 --ostemplate centos-6-x86_64 --config vswap-1g<br>
<br>
>>Configure the CT<br>
<br>
>> ...<br>
>># vzctl set 102 --save --netif_add eth0,,,FE:FF:FF:FF:FF:FF<br>
>> ...<br>
<br>
>>FE:FF:FF:FF:FF:FF will ensure a permanent MAC address on the bridge interface.<br>
<br>
This is the part I do not understand. Why are we assigning it<br>
FE:FF:FF:FF:FF:FF? Does everything else look ok? I know I had to<br>
assign the Ethernet mac address too the bridge to avoid issues when<br>
restarting containers but otherwise this howto has worked well for me<br>
so far.<br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@openvz.org">Users@openvz.org</a><br>
<a href="https://lists.openvz.org/mailman/listinfo/users" target="_blank">https://lists.openvz.org/mailman/listinfo/users</a><br>
</blockquote></div><br></div>