[prev in list] [next in list] [prev in thread] [next in thread]
List: openvz-debian
Subject: [Debian] Re: Bug#574522: clarification of proxy_arp settings
From: opal () debian ! org (Ola Lundqvist)
Date: 2010-03-26 16:25:30
Message-ID: 20100326202516.GA17496 () inguza ! net
[Download RAW message or body]
Hi Kir and others in the openvz team
There are some uncertainties on how to set the proxy_arp setting.
I assume it is needed whenever the interface needs to announce its ip
address to the outside network (i.e. when the host do not act as router),
but I'm not 100% in which cases that is.
Can you shed some light on this?
For more information, see http://bugs.debian.org/574522
Best regards,
// Ola
On Fri, Mar 26, 2010 at 07:11:32AM +0100, Stefan Alfredsson wrote:
>
> On 19 Mar 2010, at 06:49, Ola Lundqvist wrote:
> > However the documentation should also be better described. Suggestions
> > on this is highly welcome.
>
> Yes, and the primary question is when proxy_arp should be used. I've scouted the \
> net and came up with the following:
>
> proxy_arp=0
> -----------------
>
> http://wiki.openvz.org/Quick_installation
> http://wiki.openvz.org/Using_veth_and_brctl_for_protecting_HN_and_saving_IP_addresses
>
> proxy_arp=1
> -----------------
>
> http://wiki.openvz.org/Virtual_Ethernet_device
> http://ckdake.com/content/2008/vlans-in-openvz.html
>
> > make sure that proxy_arp and forwarding are enabled for bond0.10 in \
> > /proc/sys/net/ipv4/conf/bond0.10/
>
> https://gforge.inria.fr/tracker/index.php?func=detail&aid=8459&group_id=411&atid=5117
>
> Ambigous
> ---------------
>
> http://en.gentoo-wiki.com/wiki/OpenVZ_VLAN
>
> > echo "1" > /proc/sys/net/ipv4/conf/$x/proxy_arp
>
> and then later
>
> > I doubt that
> > echo "1" > /proc/sys/net/ipv4/conf/$x/proxy_arp
> > is actually needed, at least I've never used it and everything works fine without \
> > proxy arp. I even have: net.ipv4.conf.default.proxy_arp = 0
>
> http://forum.openvz.org/index.php?t=msg&goto=10089
>
> > The funny thing is it doesnt matter if i set the proxy arp to 0 or 1 in the \
> > conf-file, networking within the vz is with both options possible.
>
>
> Summary:
> --------------
>
> The openvz wiki recommends proxy_arp=0 in some cases, and in some proxy_arp=1. \
> External sites recommend proxy_arp=1 and then some present varying experiences. \
> Some discussions are based on the debian warning message itself, so there is some \
> feedback loop involved as well :-).
>
> The cause for the debian proxy_arp=1 setting seems to be bug
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=387762
>
> I have a similar setup; one private and one public address on the host node, and \
> then other public addresses for the guests. This works without proxy_arp enabled. \
> Worse, enabling proxy_arp produced arpsend warnings and possibly other problems.
> Maybe something else has changed from 2006 until now such that proxy_arp is not \
> needed?
> If only openvz.org is trusted, it seems proxy_arp should only be used when using \
> veth devices, and not venet devices.
> Perhaps you could contact upstream to get a more definite answer.
>
> BR
> Stefan
>
>
>
>
--
--------------------- Ola Lundqvist ---------------------------
/ opal@debian.org Annebergsslingan 37 \
> ola@inguza.com 654 65 KARLSTAD |
> http://inguza.com/ +46 (0)70-332 1551 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic