=== Making a veth-device persistent ===
At the moment, it is not possible to have the commands needed for a persistent veth being made automatically be vzctl. A bugreport ( http://bugzilla.openvz.org/show_bug.cgi?id=301 ) has already been made. Until then, here's a way to make the above steps persistent (for a debian based system in this example).
==== Cleaning ${VEID}At the moment, it is not possible to have the commands needed for a persistent veth being made automatically be vzctl.conf =========Option A)=====Open up bugreport ( http:/etc/vzbugzilla.openvz.org/conf/VEIDshow_bug.cgi?id=301 ) has already been made.conf and comment out any IP_ADDRESS-entries Until then, here's a way to prevent a VENET-device from being created in the VE. Add or change make the entry CONFIG_CUSTOMIZED="yes"above steps persistent.
1. First, edit the VE's configuration to specify what the veth's IP address(es) should be, and to indicate that a custom script should be run when starting up a VE.
* Open up /etc/vz/conf/VEID.conf
* Comment out any IP_ADDRESS entries to prevent a VENET-device from being created in the VE
* Add or change the entry CONFIG_CUSTOMIZED="yes"
* Add an entry VETH_IP_ADDRESS="<VE IP>" The VE IP can have multiple IPs, separated by spaces
=====Option B)=====Follow Option A 2. Now to create that "custom script". The following helper script will check the configuration file for IP addresses and for the veth interface, and configure the IP routing accordingly. Create the script /usr/sbin/vznetaddroute to have the following, and add in addition a VETH_IP_ADDRESS="then <your VE IPcode>" entry to your chmod 0500 /etcusr/vzsbin/confvznetaddroute</VEID.conf including the IP Address you want code> to setmake it executable.
====Adding an external script to VE0 ====
Copy and paste the following code (either Option A or B) into /usr/sbin/vznetaddroute:
=====Option A)=====
<pre>
#!/bin/bash
## This script adds the appropriate VE0-route for veth-enabled VEs.# See http:/usr/wiki.openvz.orgsbin/Virtual_Ethernet_device for more information.vznetaddroute#a script to bring up bridged network interfaces (veth's) in a VE
# check the VEIDif [ "${VEID}" CONFIGFILE== 101 ]; then echo "Adding interface veth101.0 and route 192.168.0.101 for VE101 to VE0" /sbin/ifconfig veth101.0 0 echo 1 > /procetc/sys/net/ipv4vz/conf/veth101$VEID.0/forwardingconf echo 1 > /proc/sys/net/ipv4/conf/veth101.0/proxy_arp$CONFIGFILE VZHOSTIF=`echo 1 > $NETIF |sed 's/proc/sys/net/ipv4/conf/eth0^.*host_ifname=\(.*\),.*$/forwarding echo \1 > /proc/sys/net/ipv4/conf/eth0/proxy_arpg'` /sbin/ip route add 192.168.0.101 dev veth101.0elsif if [ ! -n "${VEID}VETH_IP_ADDRESS" == 102 ]; then echo "Adding interface veth102.0 and route 192.168According to $CONFIGFILE VE$VEIDI has no veth IPs configured.0.102 for VE101 to VE0" /sbin/ifconfig veth101.0 0 echo 1 > /proc/sys/net/ipv4/conf/veth102.0/forwarding echo 1 > /proc/sys/net/ipv4/conf/veth102.0/proxy_arp echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding echo exit 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp /sbin/ip route add 192.168.0.102 dev veth102.0elsif [ "${VEID}" == YOUR_VE ]; then # same as above with the vethYOUR_VE.0 device and the appropriate ip
fi
exit
</pre>
Add one elsif-section for every veth-enabled VE you'd like to have automatically configured. Remember to run <pre>chmod +x /usr/sbin/vznetaddroute</pre> to make the script executable.
=====Option B)=====
<pre>
#!/bin/bash
VZCONFDIR=/etc/vz
. $VZCONFDIR/conf/$VEID.conf
VZHOSTIF=`echo $NETIF |sed 's/^.*host_ifname=\(.*\),.*$/\1/g'`
if [ ! -n "$VETH_IP_ADDRESS VZHOSTIF" ]; then echo "Adding interface $VZHOSTIF and route According to $VETH_IP_ADDRESS for CONFIGFILE VE$VEID to VE0" /sbin/ifconfig $VZHOSTIF 0 echo 1 > /proc/sys/net/ipv4/conf/$VZHOSTIF/proxy_arp echo 1 > /proc/sys/net/ipv4/conf/$VZHOSTIF/forwarding /sbin/ip route add $VETH_IP_ADDRESS dev $VZHOSTIFelse echo "found VEIDI has no VETH_IP_ADDRESS in $VZCONFDIR/conf/$VEIDveth interface configured.conf!" exit 1;
fi
exit
</pre>
Remember to run <pre>chmod +x /usr/sbin/vznetaddroute</pre> to make the script executable.
for IP in addition you need $VETH_IP_ADDRESS; do echo "Adding interface $VZHOSTIF and route $IP for VE$VEID to edit your VE0" /etcsbin/network/interfaces and add the sysctl statements for forwardings and proxy_arp like this:<pre>auto eth0iface eth0 inet static address 10.1.1.1 netmask 255.255.255.ifconfig $VZHOSTIF 0 network 10. echo 1.1.0 broadcast 10.1.1.255 gateway 10.215.1.254 dns-nameservers 10.215.1.20 dns-search prod.your.domain up sysctl -w > /proc/sys/net./ipv4./conf.eth0./$VZHOSTIF/proxy_arp= echo 1 up sysctl -w > /proc/sys/net./ipv4./conf.eth0./$VZHOSTIF/forwarding=1< /sbin/pre>ip route add $IP dev $VZHOSTIFdone
afterwards execute both statements manualy:<pre>sysctl -w net.ipv4.conf.eth0.proxy_arp=1sysctl -w net.ipv4.conf.eth0.forwarding=1exit 0
</pre>
====Make vzctl run 3. Now create /etc/vz/vznet.conf containing the following. This is what defines the "custom script====" as being the vznetaddroute which you just created.
To make vzctl run the script, copy and paste the following line to /etc/vz/vznet.conf:
<pre>
#!/bin/bash
EXTERNAL_SCRIPT="/usr/sbin/vznetaddroute"
</pre>
The script will now run every time a veth-enabled VE is started.
==== Adding a script to VE ====
Now we're done with VE0, we still need to add a route to the VE itself. So we start up the VE with <pre>vzctl start 101</pre>, get into it with <pre>vzctl enter 101</pre> and create a new file /etc/init.d/route-up in the VE with the following content:
<pre>
#!/bin/bash
/sbin/ip route add default dev eth0
</pre>
Make the script executable with <pre>chmod +x /etc/init.d/route-up</pre> and add it to the runlevels:
<pre>
ve101:/# update-rc.d route-up defaults
Adding system startup for /etc/init.d/route-up ...
/etc/rc0.d/K20route-up -> ../init.d/route-up
[...]
</pre>
==== Checking ====
Now to see if everything worked, leave the VE with <pre>exit</pre>, stop the VE via <pre>vzctl stop 101</pre> and restart it with <pre>vzctl start 101</pre>. Still in VE0, check the route for the VE:
<pre>
ve0:/# ip route ls
192.168.0.101 dev veth101.0 scope link
[...]
ve0:/# ping 192.168.0.101 -c 4 -q
[...]
--- 192.168.0.101 ping statistics ---
4 packets transmitted, 4 recieved, 0% packet loss, time 0ms
</pre>
If somethings not working4. Of course, check the contents of the files we just created or changed. Now get into the VE via <pre>vzctl enter 101</pre> and check the routing there:<pre>ve101:/# ifconfig eth0 Link encap:Ethernet HWaddr 00:12:34:56:78:9B inet addr:192.168.0.101 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:92 errors:0 dropped:0 overruns:0 frame:0 TX packets:94 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:6757 's operating system will need to be configured with those IP address(6.5 KiBes) TX bytes:10396 (10as well.1 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)ve101:/# ip route lsdefault dev eth0 scope linkve101:/# ping 192.168Consult the manual for your VE's OS for details.0.101 -c 4 -q[...]--- 192.168.0.101 ping statistics ---4 packets transmitted, 4 recieved, 0% packet loss, time 0ms</pre>
If That's it! At this point, when you restart the VE you should see a new line in the output, indicating that the interface is being configured and a new route being added. And you have problems getting it persistentshould be able to ping the host, please commentand to enter the VE and use the network.
=== Virtual ethernet devices + VLAN ===
