OpenVZ + Bridge a vice virtualnich eth

Zdenek Janis janis na alberon.cz
Pondělí Duben 14 07:56:42 CEST 2008 

Dobry den,
velmi spravne jste to pochopil.

Jen se ztracim na kterych interface (virtualni na fyzickem nodu 
(veth101.x) nebo na virtualnim stroji (eth101.x)) to mam nastavovat, neb 
jsem pokusnicil s proxy_arp a to nedopadlo dobre - vsechny windowsi 
masiny pripojene do stejneho switche zacali hlasit duplicitni IP adresy 
:-) Podobne netusim na ktere kerneli arp_* mam sahnout a na co (0|1) je 
nastavit?

VIRTUAL 101 (vGW)*:
# find /proc/sys/net/ipv4/conf/*/arp_* | while read F; do echo "$F"" -> 
"$(cat "$F"); done;
/proc/sys/net/ipv4/conf/all/arp_accept -> 0
/proc/sys/net/ipv4/conf/all/arp_announce -> 0
/proc/sys/net/ipv4/conf/all/arp_filter -> 0
/proc/sys/net/ipv4/conf/all/arp_ignore -> 0
/proc/sys/net/ipv4/conf/default/arp_accept -> 0
/proc/sys/net/ipv4/conf/default/arp_announce -> 0
/proc/sys/net/ipv4/conf/default/arp_filter -> 0
/proc/sys/net/ipv4/conf/default/arp_ignore -> 0
/proc/sys/net/ipv4/conf/eth101.0/arp_accept -> 0
/proc/sys/net/ipv4/conf/eth101.0/arp_announce -> 0
/proc/sys/net/ipv4/conf/eth101.0/arp_filter -> 0
/proc/sys/net/ipv4/conf/eth101.0/arp_ignore -> 0
/proc/sys/net/ipv4/conf/eth101.1/arp_accept -> 0
/proc/sys/net/ipv4/conf/eth101.1/arp_announce -> 0
/proc/sys/net/ipv4/conf/eth101.1/arp_filter -> 0
/proc/sys/net/ipv4/conf/eth101.1/arp_ignore -> 0
/proc/sys/net/ipv4/conf/eth101.2/arp_accept -> 0
/proc/sys/net/ipv4/conf/eth101.2/arp_announce -> 0
/proc/sys/net/ipv4/conf/eth101.2/arp_filter -> 0
/proc/sys/net/ipv4/conf/eth101.2/arp_ignore -> 0
/proc/sys/net/ipv4/conf/lo/arp_accept -> 0
/proc/sys/net/ipv4/conf/lo/arp_announce -> 0
/proc/sys/net/ipv4/conf/lo/arp_filter -> 0
/proc/sys/net/ipv4/conf/lo/arp_ignore -> 0
/proc/sys/net/ipv4/conf/venet0/arp_accept -> 0
/proc/sys/net/ipv4/conf/venet0/arp_announce -> 0
/proc/sys/net/ipv4/conf/venet0/arp_filter -> 0
/proc/sys/net/ipv4/conf/venet0/arp_ignore -> 0

VIRTUAL_HW*:
# find /proc/sys/net/ipv4/conf/*/arp_* | while read F; do echo "$F"" -> 
"$(cat "$F"); done;
/proc/sys/net/ipv4/conf/all/arp_accept -> 0
/proc/sys/net/ipv4/conf/all/arp_announce -> 0
/proc/sys/net/ipv4/conf/all/arp_filter -> 0
/proc/sys/net/ipv4/conf/all/arp_ignore -> 0
/proc/sys/net/ipv4/conf/br0/arp_accept -> 0
/proc/sys/net/ipv4/conf/br0/arp_announce -> 0
/proc/sys/net/ipv4/conf/br0/arp_filter -> 0
/proc/sys/net/ipv4/conf/br0/arp_ignore -> 0
/proc/sys/net/ipv4/conf/default/arp_accept -> 0
/proc/sys/net/ipv4/conf/default/arp_announce -> 0
/proc/sys/net/ipv4/conf/default/arp_filter -> 0
/proc/sys/net/ipv4/conf/default/arp_ignore -> 0
/proc/sys/net/ipv4/conf/eth0/arp_accept -> 0
/proc/sys/net/ipv4/conf/eth0/arp_announce -> 0
/proc/sys/net/ipv4/conf/eth0/arp_filter -> 0
/proc/sys/net/ipv4/conf/eth0/arp_ignore -> 0
/proc/sys/net/ipv4/conf/eth1/arp_accept -> 0
/proc/sys/net/ipv4/conf/eth1/arp_announce -> 0
/proc/sys/net/ipv4/conf/eth1/arp_filter -> 0
/proc/sys/net/ipv4/conf/eth1/arp_ignore -> 0
/proc/sys/net/ipv4/conf/lo/arp_accept -> 0
/proc/sys/net/ipv4/conf/lo/arp_announce -> 0
/proc/sys/net/ipv4/conf/lo/arp_filter -> 0
/proc/sys/net/ipv4/conf/lo/arp_ignore -> 0
/proc/sys/net/ipv4/conf/venet0/arp_accept -> 0
/proc/sys/net/ipv4/conf/venet0/arp_announce -> 0
/proc/sys/net/ipv4/conf/venet0/arp_filter -> 0
/proc/sys/net/ipv4/conf/venet0/arp_ignore -> 0
/proc/sys/net/ipv4/conf/veth101.0/arp_accept -> 0
/proc/sys/net/ipv4/conf/veth101.0/arp_announce -> 0
/proc/sys/net/ipv4/conf/veth101.0/arp_filter -> 0
/proc/sys/net/ipv4/conf/veth101.0/arp_ignore -> 0
/proc/sys/net/ipv4/conf/veth101.1/arp_accept -> 0
/proc/sys/net/ipv4/conf/veth101.1/arp_announce -> 0
/proc/sys/net/ipv4/conf/veth101.1/arp_filter -> 0
/proc/sys/net/ipv4/conf/veth101.1/arp_ignore -> 0
/proc/sys/net/ipv4/conf/veth101.2/arp_accept -> 0
/proc/sys/net/ipv4/conf/veth101.2/arp_announce -> 0
/proc/sys/net/ipv4/conf/veth101.2/arp_filter -> 0
/proc/sys/net/ipv4/conf/veth101.2/arp_ignore -> 0
/proc/sys/net/ipv4/conf/veth102.0/arp_accept -> 0
/proc/sys/net/ipv4/conf/veth102.0/arp_announce -> 0
/proc/sys/net/ipv4/conf/veth102.0/arp_filter -> 0
/proc/sys/net/ipv4/conf/veth102.0/arp_ignore -> 0
/proc/sys/net/ipv4/conf/veth201.0/arp_accept -> 0
/proc/sys/net/ipv4/conf/veth201.0/arp_announce -> 0
/proc/sys/net/ipv4/conf/veth201.0/arp_filter -> 0
/proc/sys/net/ipv4/conf/veth201.0/arp_ignore -> 0

Dekuji.

*) - popis odpovidajici schematu, zaslany 7.4.2008 15:01

Pavel Kankovsky napsal(a):
> Jestli jsem to dobře pochopil, tak jste z jednoho (virtuálního) stroje
> zapojil několik (virtuálních) interfejsů na jeden bridge a dal jim různé
> IP adresy, ano?
> 
> Musíte na těch interfejsech nastavit sysctl začínající arp_..., které 
> jádru vysvětlí, že je má pečlivě rozlišovat.

-- 
     Zdenek Janis

Další informace o konferenci Linux