LINUX.ORG.RU
ФорумAdmin

Настройка Veth интерфейса

 , , ,


0

1

Пытаюсь настроить Veth интерфейс. Виртуальная машина видит только HN, HN видит все устройства в сети (172.XXX.XXX.70/27).

Данные HN: виртуальная машина ESXi, установлена CentOS 6.6, виртуальные адаптеры типа E1000.

Настройки HN: 

uname -a
2.6.32-042stab102.9 #1 SMP Fri Dec 19 20:34:40 MSK 2014 x86_64 x86_64 x86_64 GNU/Linux


ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:5B:54:9C  
          inet addr:192.XXX.XXX.19  Bcast:192.XXX.XXX.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe5b:549c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3996 errors:0 dropped:0 overruns:0 frame:0
          TX packets:256 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:308124 (300.9 KiB)  TX bytes:49567 (48.4 KiB)

eth1      Link encap:Ethernet  HWaddr 00:0C:29:5B:54:A6  
          inet6 addr: fe80::20c:29ff:fe5b:54a6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:318 (318.0 b)  TX bytes:1104 (1.0 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:1278 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1278 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:194737 (190.1 KiB)  TX bytes:194737 (190.1 KiB)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet6 addr: fe80::1/128 Scope:Link
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:3 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

veth100.0 Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF  
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:1 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:188 (188.0 b)  TX bytes:420 (420.0 b)

vmbr0     Link encap:Ethernet  HWaddr 00:0C:29:5B:54:A6  
          inet addr:172.XXX.XXX.70  Bcast:172.XXX.XXX.95  Mask:255.255.255.224
          inet6 addr: fe80::20c:29ff:fe5b:54a6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:464 (464.0 b)  TX bytes:636 (636.0 b)

ip r l:

172.XXX.XXX.64/27 dev vmbr0  proto kernel  scope link  src 172.XXX.XXX.70 
192.XXX.XXX.0/24 dev eth0  proto kernel  scope link  src 192.XXX.XXX.19 
169.254.0.0/16 dev eth0  scope link  metric 1002 
169.254.0.0/16 dev vmbr0  scope link  metric 1004 
default via 192.XXX.XXX.254 dev eth0

iptables
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 1191  180K ACCEPT     all  --  any    any     anywhere             anywhere            state RELATED,ESTABLISHED 
   22   792 ACCEPT     icmp --  any    any     anywhere             anywhere            
  110  6040 ACCEPT     all  --  lo     any     anywhere             anywhere            
    2   128 ACCEPT     tcp  --  any    any     anywhere             anywhere            state NEW tcp dpt:ssh 
    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere            
  942 89313 REJECT     all  --  any    any     anywhere             anywhere            reject-with icmp-host-prohibited 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere            
    3   276 REJECT     all  --  any    any     anywhere             anywhere            reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT 21 packets, 1417 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 1173  200K ACCEPT     tcp  --  any    any     anywhere             anywhere     

sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 1
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 0
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.conf.default.proxy_arp = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0

bridge name	bridge id		STP enabled	interfaces
vmbr0		8000.000c295b54a6	no		eth1
							veth100.0

Настройки OpenVZ: 

echo 'EXTERNAL_SCRIPT="/usr/sbin/vznetaddbr"' > /etc/vz/vznet.conf

Настройки VE: 

vzctl create 100 --ostemplate ubuntu-14.04-x86 --config vswap-256m
vzctl set 100 --netif_add eth0,,,FE:FF:FF:FF:FF:FF,vmbr0 --save


ifconfig
eth0      Link encap:Ethernet  HWaddr 00:18:51:1a:55:24  
          inet addr:172.XXX.XXX.71  Bcast:172.XXX.XXX.95  Mask:255.255.255.224
          inet6 addr: fe80::218:51ff:fe1a:5524/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:2 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:420 (420.0 B)  TX bytes:188 (188.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

ip r l:

172.XXX.XXX.64/27 dev eth0  proto kernel  scope link  src 172.XXX.XXX.71

iptables
Chain INPUT (policy ACCEPT 14 packets, 1316 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 19 packets, 1736 bytes)
 pkts bytes target     prot opt in     out     source               destination

sysctl -p
net.ipv4.ip_forward = 1

Кроме ARP запросов никакой сетевой активности ни в HN, ни в VE не вижу: HN: 

tcpdump -s1500 -i any -vvv -n '(dst host 172.XXX.XXX.71) or (src host 172.XXX.XXX.71)'

tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 1500 bytes
08:49:03.375589 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.XXX.XXX.71 tell 172.XXX.XXX.91, length 46
08:49:03.375602 ARP, Ethernet (len 6), IPv4 (len 4), Reply 172.XXX.XXX.71 is-at 00:18:51:1a:55:24, length 28

VE: 

tcpdump -s1500 -i any -vvv -n

tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 1500 bytes
08:50:03.195426 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.XXX.XXX.71 tell 172.XXX.XXX.91, length 46
08:50:03.195440 ARP, Ethernet (len 6), IPv4 (len 4), Reply 172.XXX.XXX.71 is-at 00:18:51:1a:55:24, length 28

Как заставить сеть ВМ нормально работать?


Сервер забивает весь канал
Шкаф напольный 42U
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.