Changes

Jump to: navigation, search

Multiple network interfaces and ARP flux

2,432 bytes added, 02:41, 18 February 2007
no edit summary
net.ipv4.conf.all.arp_accept = 0
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 12
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.proxy_arp = 0
What this shows is that each VE's IP address is associated with each HN's interface. Therefore each interface will respond to any ARP "who has" query.
TODO: Discuss approach of <code>ip rule ...</code> These entries are created by the vzarp function in the vps_functions script, which are called by vps-net_add, vps-net_del and <code>ip route ...</code>vps-stop. The result of this function in our case is to execute the following commands:
<pre>
/sbin/ip neigh add proxy 192.168.18.101 dev eth0
/sbin/ip neigh add proxy 192.168.18.101 dev eth4
/sbin/ip neigh add proxy 192.168.18.101 dev eth3
/sbin/ip neigh add proxy 192.168.18.102 dev eth0
/sbin/ip neigh add proxy 192.168.18.102 dev eth4
/sbin/ip neigh add proxy 192.168.18.102 dev eth3
</pre>
 
In addition, the following ARP messages are sent when VEID 101 is started.
 
<pre>
00:0c:29:b3:a2:54 > ff:ff:ff:ff:ff:ff, ARP, length 60: arp who-has 192.168.18.101 (ff:ff:ff:ff:ff:ff) tell 192.168.18.10
00:0c:29:b3:a2:5e > ff:ff:ff:ff:ff:ff, ARP, length 60: arp who-has 192.168.18.101 (ff:ff:ff:ff:ff:ff) tell 192.168.18.12
00:0c:29:b3:a2:68 > ff:ff:ff:ff:ff:ff, ARP, length 60: arp who-has 192.168.18.101 (ff:ff:ff:ff:ff:ff) tell 192.168.18.11
00:0c:29:b3:a2:54 > ff:ff:ff:ff:ff:ff, ARP, length 60: arp who-has 192.168.18.101 (ff:ff:ff:ff:ff:ff) tell 192.168.18.101
00:0c:29:b3:a2:5e > ff:ff:ff:ff:ff:ff, ARP, length 60: arp who-has 192.168.18.101 (ff:ff:ff:ff:ff:ff) tell 192.168.18.101
00:0c:29:b3:a2:68 > ff:ff:ff:ff:ff:ff, ARP, length 60: arp who-has 192.168.18.101 (ff:ff:ff:ff:ff:ff) tell 192.168.18.101
00:0c:29:b3:a2:5e > 00:0c:29:b3:a2:68, ARP, length 60: arp reply 192.168.18.101 is-at 00:0c:29:b3:a2:5e
00:0c:29:b3:a2:5e > 00:0c:29:b3:a2:54, ARP, length 60: arp reply 192.168.18.101 is-at 00:0c:29:b3:a2:5e
00:0c:29:b3:a2:68 > 00:0c:29:b3:a2:54, ARP, length 60: arp reply 192.168.18.101 is-at 00:0c:29:b3:a2:68
00:0c:29:b3:a2:68 > 00:0c:29:b3:a2:5e, ARP, length 60: arp reply 192.168.18.101 is-at 00:0c:29:b3:a2:68
00:0c:29:b3:a2:54 > 00:0c:29:b3:a2:5e, ARP, length 60: arp reply 192.168.18.101 is-at 00:0c:29:b3:a2:54
00:0c:29:b3:a2:54 > 00:0c:29:b3:a2:68, ARP, length 60: arp reply 192.168.18.101 is-at 00:0c:29:b3:a2:54
</pre>
 
What we see here is the result of vzarpipdetect, another function in vps_functions called by vps-net_add. An ARP "who has" message is sent by each interface and answered by the other interfaces.
 
What we want is to only add the IP addresses of our VE's to specific devices, not to all devices. This will prevent the ARP flux problem for our VE's.
 
Unfortunately this involves editing the OpenVZ scripts. The only case we really care about is vps-net_add, as the others execute <code>ip neigh del proxy</code>.
 
TODO: Discuss changes to scripts.
[[Category:HOWTO]]
[[Category:Networking]]
Estellt
9
edits
Retrieved from "https://wiki.openvz.org/Special:MobileDiff/2763"

Navigation menu