'[Users] Some VE on one HW node cannot communicate each other (getting Time to live exceeded)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openvz-users
Subject:    [Users] Some VE on one HW node cannot communicate each other (getting Time to live exceeded)
From:       jan () tomasek ! cz (Jan Tomasek)
Date:       2006-12-28 7:24:57
Message-ID: 4593B790.90108 () tomasek ! cz
[Download RAW message or body]

Hello again,

I bit moved forward in solving my problem, but still need help.
Recapitulation first.

I've two network cards, first is connected to 195.113.233.0/24 network:

> auto eth0
> iface eth0 inet static
>         address 195.113.233.254
>         netmask 255.255.255.0
>         network 195.113.233.0
>         broadcast 195.113.233.255
>         gateway 195.113.233.1


Second is connected to 195.113.187.0/26 network:

> iface eth1 inet static
>         address   195.113.187.37
>         netmask   255.255.255.192
>         network   195.113.187.0
>         broadcast 195.113.187.63
>         post-up         /etc/network/post-up-eth1
>         post-down       /etc/network/post-down-eth1

Everything is in this setup working, except of comunication between VE
systems using eth1 and eth0.

Ping from VE (195.113.187.33) using eth1 to system using eth0
(195.113.233.253):

ermon:~# ping 195.113.233.253
PING 195.113.233.253 (195.113.233.253) 56(84) bytes of data.
>From 195.113.187.37 icmp_seq=1 Time to live exceeded
>From 195.113.187.37 icmp_seq=2 Time to live exceeded

Pinging to everywhere else is ok.

I discovered that I have to add route for network 195.113.233.0/24 to be
routed to eth1 and GW 195.113.187.1 default is to eth0, which sends that
TTL exceeded error.

But after setting that route, I'm still not able reach boxes using
195.113.233.0/24 on local eth0 interface. For this I've setup route via
venet0 interface.

File "/etc/network/post-up-eth1":

#!/bin/bash

ip rule add from 195.113.187.33 table 6
ip rule add from 195.113.187.35 table 6
ip route add default dev eth1 via 195.113.187.1 table 6
ip route add 195.113.233.0/24 dev eth1 via 195.113.187.1 table 6
ip route add 195.113.233.252 dev venet0 table 6
ip route add 195.113.233.253 dev venet0 table 6

# Ignore any error of above commands
exit 0;

File "/etc/network/post-down-eth1":

#!/bin/bash

ip rule delete from 195.113.187.33 table 6
ip rule delete from 195.113.187.35 table 6
ip route delete 195.113.233.252 dev venet0 table 6
ip route delete 195.113.233.253 dev venet0 table 6

# Ignore any error of above commands
exit 0;

chlivek:~# ip rule
0:      from all lookup 255
32764:  from 195.113.187.35 lookup 6
32765:  from 195.113.187.33 lookup 6
32766:  from all lookup main
32767:  from all lookup default

chlivek:~# ip route
195.113.187.33 dev venet0  scope link  src 195.113.233.254
192.168.1.2 dev venet0  scope link  src 195.113.233.254
195.113.233.253 dev venet0  scope link  src 195.113.187.37
195.113.233.252 dev venet0  scope link  src 195.113.233.254
195.113.187.0/26 dev eth1  proto kernel  scope link  src 195.113.187.37
195.113.233.0/24 dev eth0  proto kernel  scope link  src 195.113.233.254
default via 195.113.233.1 dev eth0

chlivek:~# ip route show table 6
195.113.233.253 dev venet0  scope link
195.113.233.252 dev venet0  scope link
195.113.233.0/24 via 195.113.187.1 dev eth1
default via 195.113.187.1 dev eth1


It seams to work but it is bit complicated. If anyone know simpler way
please tell me.

Best regards
-- 
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : http://openvz.org/pipermail/users/attachments/20061228/dc7db33c/signature.bin

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic