Editing Virtual Ethernet device
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
− | + | '''Virtual ethernet device''' is an ethernet-like device which can be used inside a [[VE]]. Unlike | |
− | + | [[venet]] network device, veth device has a MAC address. Due to this, it can be used in configurations, when veth is bridged to ethX or other device and VE user fully sets up his networking himself, | |
− | '''Virtual | + | including IPs, gateways etc. |
− | inside a [[ | ||
− | has a MAC address. | ||
− | is bridged to | ||
− | |||
− | himself, including IPs, gateways | ||
− | + | Virtual ethernet device consist of two ethernet devices - one in [[VE0]] and another one | |
− | + | in VE. These devices are connected to each other, so if a packet goes to one | |
− | one in [[ | + | device it will come out from the other device. |
− | connected to each other | ||
− | == Virtual | + | == Virtual ethernet device usage == |
− | === Kernel module === | + | === Kernel module === |
− | + | First of all, make sure the <code>vzethdev</code> module is loaded: | |
<pre> | <pre> | ||
# lsmod | grep vzeth | # lsmod | grep vzeth | ||
Line 24: | Line 18: | ||
</pre> | </pre> | ||
− | |||
In case it is not loaded, load it: | In case it is not loaded, load it: | ||
<pre> | <pre> | ||
Line 30: | Line 23: | ||
</pre> | </pre> | ||
− | + | You might want to add the module to <code>/etc/init.d/vz script</code>, so it will be loaded during startup. | |
− | |||
− | |||
− | |||
− | < | + | === Adding veth to a VE === |
− | + | <pre> | |
+ | vzctl set <VEID> --veth_add <dev_name>,<dev_addr>,<ve_dev_name>,<ve_dev_addr> | ||
+ | </pre> | ||
+ | Here | ||
+ | * <tt>dev_name</tt> is the ethernet device name that you are creating on the [[VE0|host system]] | ||
+ | * <tt>dev_addr</tt> is its MAC address | ||
+ | * <tt>ve_dev_name</tt> is the corresponding ethernet device name you are creating on the VE | ||
+ | * <tt>ve_dev_addr</tt> is its MAC address | ||
− | + | MAC addresses must be entered in XX:XX:XX:XX:XX:XX format. Note that this option | |
− | MAC addresses must be entered in XX:XX:XX:XX:XX:XX format. | + | is incremental, so devices are added to already existing ones. |
− | + | NB there are no spaces after the commas | |
− | |||
− | + | ==== Examples ==== | |
− | + | <pre> | |
− | + | vzctl set 101 --veth_add veth101.0,00:12:34:56:78:9A,eth0,00:12:34:56:78:9B --save | |
+ | </pre> | ||
+ | After executing this command <tt>veth</tt> device will be created for VE 101 and veth configuration will be saved to a VE configuration file. | ||
+ | Host-side ethernet device will have <tt>veth101.0</tt> name and <tt>00:12:34:56:78:9A</tt> MAC address. | ||
+ | VE-side ethernet device will have <tt>eth0</tt> name and <tt>00:12:34:56:78:9B</tt> MAC address. | ||
+ | {{Note|Use random MAC addresses. Do not use MAC addresses of real eth devices, because this can lead to collisions.}} | ||
− | |||
− | + | Warning: sintax seems changed in (current) version vzctl-3.0.14. Actual sintax is: | |
− | + | ==== Examples ==== | |
− | + | <pre> | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
vzctl set 101 --netif_add eth0,00:12:34:56:78:9A,veth101.0,00:12:34:56:78:9B --save | vzctl set 101 --netif_add eth0,00:12:34:56:78:9A,veth101.0,00:12:34:56:78:9B --save | ||
+ | </pre> | ||
− | + | where eth0 is the interface being created in your Virtual Machine, while veth101.0 is being created in the host machine. | |
− | |||
− | + | === Removing veth from a VE === | |
− | vzctl set | + | <pre> |
+ | vzctl set <VEID> --veth_del <dev_name> | ||
+ | </pre> | ||
+ | Here <tt>dev_name</tt> is the ethernet device name in the [[VE0|host system]]. | ||
− | + | ==== Example ==== | |
− | + | <pre> | |
− | + | vzctl set 101 --veth_del veth101.0 --save | |
− | + | </pre> | |
− | + | After executing this command veth device with host-side ethernet name veth101.0 will be removed from VE 101 and veth configuration will be updated in VE config file. | |
− | |||
− | === | ||
− | |||
− | |||
− | vzctl set | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | == Common configurations with virtual | + | == Common configurations with virtual ethernet devices == |
Module <tt>vzethdev</tt> must be loaded to operate with veth devices. | Module <tt>vzethdev</tt> must be loaded to operate with veth devices. | ||
− | === Simple configuration with virtual | + | === Simple configuration with virtual ethernet device === |
− | + | ==== Start a VE ==== | |
− | + | <pre> | |
− | |||
− | ==== Start a | ||
− | |||
− | |||
[host-node]# vzctl start 101 | [host-node]# vzctl start 101 | ||
+ | </pre> | ||
− | ==== Add veth device to | + | ==== Add veth device to VE ==== |
+ | <pre> | ||
+ | [host-node]# vzctl set 101 --veth_add veth101.0,00:12:34:56:78:9A,eth0,00:12:34:56:78:9B --save | ||
+ | </pre> | ||
− | + | ==== Configure devices in VE0 ==== | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | ==== Configure devices in | ||
− | |||
<pre> | <pre> | ||
[host-node]# ifconfig veth101.0 0 | [host-node]# ifconfig veth101.0 0 | ||
Line 137: | Line 94: | ||
</pre> | </pre> | ||
− | ==== Configure device in | + | ==== Configure device in VE ==== |
− | |||
<pre> | <pre> | ||
[host-node]# vzctl enter 101 | [host-node]# vzctl enter 101 | ||
Line 146: | Line 102: | ||
</pre> | </pre> | ||
− | < | + | ==== Add route in [[VE0]] ==== |
− | + | <pre> | |
− | + | [host-node]# ip route add 192.168.0.101 dev veth101.0 | |
− | + | </pre> | |
− | |||
− | |||
− | |||
− | ==== | + | === Virtual ethernet device with IPv6 === |
− | |||
− | |||
− | + | ==== Start [[VE]] ==== | |
− | + | <pre> | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | ==== Start | ||
− | |||
− | |||
[host-node]# vzctl start 101 | [host-node]# vzctl start 101 | ||
+ | </pre> | ||
− | ==== Add veth device to | + | ==== Add veth device to [[VE]] ==== |
− | + | <pre> | |
− | + | [host-node]# vzctl set 101 --veth_add veth101.0,00:12:34:56:78:9A,eth0,00:12:34:56:78:9B --save | |
− | [host-node]# vzctl set 101 -- | + | </pre> |
− | |||
− | < | ||
− | |||
− | |||
− | |||
− | + | ==== Configure devices in [[VE0]] ==== | |
<pre> | <pre> | ||
[host-node]# ifconfig veth101.0 0 | [host-node]# ifconfig veth101.0 0 | ||
− | [host-node]# | + | [host-node]# echo 1 > /proc/sys/net/ipv6/conf/veth101.0/forwarding |
+ | [host-node]# echo 1 > /proc/sys/net/ipv6/conf/eth0/forwarding | ||
+ | [host-node]# echo 1 > /proc/sys/net/ipv6/conf/all/forwarding | ||
</pre> | </pre> | ||
− | < | + | ==== Configure device in [[VE]] ==== |
− | + | <pre> | |
+ | [host-node]# vzctl enter 101 | ||
+ | [ve-101]# /sbin/ifconfig eth0 0 | ||
+ | </pre> | ||
− | + | ==== Start router advertisement daemon (radvd) for IPv6 in VE0 ==== | |
− | + | First you need to edit radvd configuration file. Here is a simple example of <tt>/etc/radv.conf</tt>: | |
− | |||
− | |||
− | |||
<pre> | <pre> | ||
− | + | interface veth101.0 | |
− | + | { | |
+ | AdvSendAdvert on; | ||
+ | MinRtrAdvInterval 3; | ||
+ | MaxRtrAdvInterval 10; | ||
+ | AdvHomeAgentFlag off; | ||
− | + | prefix 3ffe:2400:0:0::/64 | |
− | + | { | |
− | + | AdvOnLink on; | |
− | + | AdvAutonomous on; | |
+ | AdvRouterAddr off; | ||
+ | }; | ||
+ | }; | ||
− | + | interface eth0 | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
{ | { | ||
− | + | AdvSendAdvert on; | |
− | + | MinRtrAdvInterval 3; | |
− | + | MaxRtrAdvInterval 10; | |
− | + | AdvHomeAgentFlag off; | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | prefix 3ffe:0302:0011:0002::/64 | |
− | + | { | |
− | + | AdvOnLink on; | |
− | + | AdvAutonomous on; | |
− | + | AdvRouterAddr off; | |
+ | }; | ||
+ | }; | ||
</pre> | </pre> | ||
− | |||
− | |||
− | |||
− | + | Then, start radvd: | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
<pre> | <pre> | ||
− | [ | + | [host-node]# /etc/init.d/radvd start |
− | |||
− | |||
</pre> | </pre> | ||
− | + | ==== Add IPv6 addresses to devices in [[VE0]] ==== | |
− | |||
<pre> | <pre> | ||
− | + | [host-node]# ip addr add dev veth101.0 3ffe:2400::212:34ff:fe56:789a/64 | |
− | + | [host-node]# ip addr add dev eth0 3ffe:0302:0011:0002:211:22ff:fe33:4455/64 | |
− | |||
− | |||
− | |||
− | |||
</pre> | </pre> | ||
− | === Virtual | + | === Virtual ethernet devices can be joined in one bridge === |
+ | Perform steps 1 - 4 from Simple configuration chapter for several VEs and/or veth devices | ||
− | + | ==== Create bridge device ==== | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | ==== Create bridge device ==== | ||
<pre> | <pre> | ||
[host-node]# brctl addbr vzbr0 | [host-node]# brctl addbr vzbr0 | ||
</pre> | </pre> | ||
− | ==== Add veth devices to bridge ==== | + | ==== Add veth devices to bridge ==== |
<pre> | <pre> | ||
[host-node]# brctl addif vzbr0 veth101.0 | [host-node]# brctl addif vzbr0 veth101.0 | ||
Line 293: | Line 197: | ||
</pre> | </pre> | ||
− | ==== Configure bridge device ==== | + | ==== Configure bridge device ==== |
<pre> | <pre> | ||
[host-node]# ifconfig vzbr0 0 | [host-node]# ifconfig vzbr0 0 | ||
+ | [host-node]# echo 1 > /proc/sys/net/ipv4/conf/vzbr0/forwarding | ||
+ | [host-node]# echo 1 > /proc/sys/net/ipv4/conf/vzbr0/proxy_arp | ||
+ | </pre> | ||
+ | |||
+ | ==== Add routes in [[VE0]] ==== | ||
+ | <pre> | ||
+ | [host-node]# ip route add 192.168.101.1 dev vzbr0 | ||
+ | ... | ||
+ | [host-node]# ip route add 192.168.101.n dev vzbr0 | ||
+ | [host-node]# ip route add 192.168.102.1 dev vzbr0 | ||
+ | ... | ||
+ | ... | ||
+ | [host-node]# ip route add 192.168.XXX.N dev vzbr0 | ||
</pre> | </pre> | ||
− | + | Thus you'll have more convinient configuration, i.e. all routes to VEs will be through this bridge and VEs can communicate with each other even without these routes. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | === Making a veth-device persistent === | + | === Making a veth-device persistent === |
− | + | At the moment, it is not possible to have the commands needed for a persistent veth being made automatically be vzctl. A bugreport ( http://bugzilla.openvz.org/show_bug.cgi?id=301 ) has already been made. Until then, here's a way to make the above steps persistent (for a debian based system in this example). | |
+ | |||
+ | ==== Cleaning ${VEID}.conf ==== | ||
+ | =====Option A)===== | ||
+ | Open up /etc/vz/conf/VEID.conf and comment out any IP_ADDRESS-entries to prevent a VENET-device from being created in the VE. Add or change the entry CONFIG_CUSTOMIZED="yes". | ||
+ | |||
+ | |||
+ | =====Option B)===== | ||
+ | Follow Option A and add in addition a VETH_IP_ADDRESS="<your VE IP>" entry to your /etc/vz/conf/VEID.conf including the IP Address you want to set. | ||
− | <!-- | + | ==== Adding an external script to VE0 ==== |
− | + | Copy and paste the following code into /usr/sbin/vznetaddroute: | |
+ | <pre> | ||
+ | #!/bin/bash | ||
+ | # | ||
+ | # This script adds the appropriate VE0-route for veth-enabled VEs. | ||
+ | # See http://wiki.openvz.org/Virtual_Ethernet_device for more information. | ||
+ | # | ||
− | + | # check the VEID | |
− | + | if [ "${VEID}" == 101 ]; then | |
+ | echo "Adding interface veth101.0 and route 192.168.0.101 for VE101 to VE0" | ||
+ | /sbin/ifconfig veth101.0 0 | ||
+ | echo 1 > /proc/sys/net/ipv4/conf/veth101.0/forwarding | ||
+ | echo 1 > /proc/sys/net/ipv4/conf/veth101.0/proxy_arp | ||
+ | echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding | ||
+ | echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp | ||
+ | /sbin/ip route add 192.168.0.101 dev veth101.0 | ||
+ | elsif [ "${VEID}" == 102 ]; then | ||
+ | echo "Adding interface veth102.0 and route 192.168.0.102 for VE101 to VE0" | ||
+ | /sbin/ifconfig veth101.0 0 | ||
+ | echo 1 > /proc/sys/net/ipv4/conf/veth102.0/forwarding | ||
+ | echo 1 > /proc/sys/net/ipv4/conf/veth102.0/proxy_arp | ||
+ | echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding | ||
+ | echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp | ||
+ | /sbin/ip route add 192.168.0.102 dev veth102.0 | ||
+ | elsif [ "${VEID}" == YOUR_VE ]; then | ||
+ | # same as above with the vethYOUR_VE.0 device and the appropriate ip | ||
+ | fi | ||
+ | exit | ||
+ | </pre> | ||
− | + | Add one elsif-section for every veth-enabled VE you'd like to have automatically configured. Remember to run <pre>chmod +x /usr/sbin/vznetaddroute</pre> to make the script executable. | |
− | |||
− | = | + | To make vzctl run the script, copy and paste the following line to /etc/vz/vznet.conf: |
+ | <pre> | ||
+ | #!/bin/bash | ||
+ | EXTERNAL_SCRIPT="/usr/sbin/vznetaddroute" | ||
+ | </pre> | ||
+ | The script will now run every time a veth-enabled VE is started. | ||
− | + | ==== Adding a script to VE ==== | |
− | |||
− | < | + | Now we're done with VE0, we still need to add a route to the VE itself. So we start up the VE with <pre>vzctl start 101</pre>, get into it with <pre>vzctl enter 101</pre> and create a new file /etc/init.d/route-up in the VE with the following content: |
− | vzctl | + | <pre> |
+ | #!/bin/bash | ||
+ | /sbin/ip route add default dev eth0 | ||
+ | </pre> | ||
− | < | + | Make the script executable with <pre>chmod +x /etc/init.d/route-up</pre> and add it to the runlevels: |
− | + | <pre> | |
+ | ve101:/# update-rc.d route-up defaults | ||
+ | Adding system startup for /etc/init.d/route-up ... | ||
+ | /etc/rc0.d/K20route-up -> ../init.d/route-up | ||
+ | [...] | ||
+ | </pre> | ||
− | < | + | ==== Checking ==== |
+ | Now to see if everything worked, leave the VE with <pre>exit</pre>, stop the VE via <pre>vzctl stop 101</pre> and restart it with <pre>vzctl start 101</pre>. Still in VE0, check the route for the VE: | ||
<pre> | <pre> | ||
− | + | ve0:/# ip route ls | |
+ | 192.168.0.101 dev veth101.0 scope link | ||
+ | [...] | ||
+ | ve0:/# ping 192.168.0.101 -c 4 -q | ||
+ | [...] | ||
+ | --- 192.168.0.101 ping statistics --- | ||
+ | 4 packets transmitted, 4 recieved, 0% packet loss, time 0ms | ||
</pre> | </pre> | ||
− | < | + | If somethings not working, check the contents of the files we just created or changed. Now get into the VE via <pre>vzctl enter 101</pre> and check the routing there: |
− | |||
<pre> | <pre> | ||
− | + | ve101:/# ifconfig | |
+ | eth0 Link encap:Ethernet HWaddr 00:12:34:56:78:9B | ||
+ | inet addr:192.168.0.101 Bcast:0.0.0.0 Mask:255.255.255.255 | ||
+ | UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 | ||
+ | RX packets:92 errors:0 dropped:0 overruns:0 frame:0 | ||
+ | TX packets:94 errors:0 dropped:0 overruns:0 carrier:0 | ||
+ | collisions:0 txqueuelen:0 | ||
+ | RX bytes:6757 (6.5 KiB) TX bytes:10396 (10.1 KiB) | ||
+ | |||
+ | lo Link encap:Local Loopback | ||
+ | inet addr:127.0.0.1 Mask:255.0.0.0 | ||
+ | UP LOOPBACK RUNNING MTU:16436 Metric:1 | ||
+ | RX packets:0 errors:0 dropped:0 overruns:0 frame:0 | ||
+ | TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 | ||
+ | collisions:0 txqueuelen:0 | ||
+ | RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) | ||
+ | ve101:/# ip route ls | ||
+ | default dev eth0 scope link | ||
+ | ve101:/# ping 192.168.0.101 -c 4 -q | ||
+ | [...] | ||
+ | --- 192.168.0.101 ping statistics --- | ||
+ | 4 packets transmitted, 4 recieved, 0% packet loss, time 0ms | ||
</pre> | </pre> | ||
− | + | If you have problems getting it persistent, please comment. | |
− | |||
− | === Virtual | + | === Virtual ethernet devices + VLAN === |
This configuration can be done by adding vlan device to the previous configuration. | This configuration can be done by adding vlan device to the previous configuration. | ||
− | == See also == | + | == See also == |
* [[Virtual network device]] | * [[Virtual network device]] | ||
* [[Differences between venet and veth]] | * [[Differences between venet and veth]] | ||
− | |||
− | |||
− | |||
− | == External links == | + | == External links == |
* [http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/hints-daemons-radvd.html Linux IPv6 HOWTO, a chapter about radvd] | * [http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/hints-daemons-radvd.html Linux IPv6 HOWTO, a chapter about radvd] | ||
− | |||
− | |||
− | |||
[[Category: Networking]] | [[Category: Networking]] | ||
[[Category: HOWTO]] | [[Category: HOWTO]] |