Editing VEs and HNs in same subnets
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 3: | Line 3: | ||
This describes a method of setting up networking for a host and its VEs such that the networking configuration for the VEs can be configured exactly as if the VEs were standalone hosts of their own in the same subnets or VLAN as the host. This method makes use of the Virtual Ethernet device and bridges between the host and its containers. This technique has the advantage of allowing IPv6 network configurations to work on both VEs and hosts as they normally would. In particular, both hosts and VEs can use IPv6 autoconfiguration. The network configuration of a VE can be identical to that of a non-VE system. | This describes a method of setting up networking for a host and its VEs such that the networking configuration for the VEs can be configured exactly as if the VEs were standalone hosts of their own in the same subnets or VLAN as the host. This method makes use of the Virtual Ethernet device and bridges between the host and its containers. This technique has the advantage of allowing IPv6 network configurations to work on both VEs and hosts as they normally would. In particular, both hosts and VEs can use IPv6 autoconfiguration. The network configuration of a VE can be identical to that of a non-VE system. | ||
− | In the following example the host has two physical interfaces and we are setting up the network configuration for VE 100. The host IP configuration is moved out of the ethN interface configs and into the | + | In the following example the host has two physical interfaces and we are setting up the network configuration for VE 100. The host IP configuration is moved out of the ethN interface configs and into the vzbrN interface config scripts (ifcfg-vzbr0 and ifcfg-vzbr1). Ie. the host IP configuration will now reside on the vzbrN interfaces instead of the ethN interfaces. The example also assumes IPv4 is configured statically, whereas IPv6 is auto-configured. |
==Configure host bridge interfaces== | ==Configure host bridge interfaces== | ||
− | |||
− | |||
− | |||
1. (Optional) Verify that you can create a bridge interfaces for each physical interface on the host. | 1. (Optional) Verify that you can create a bridge interfaces for each physical interface on the host. | ||
− | /usr/sbin/brctl addbr | + | /usr/sbin/brctl addbr vzbr0 |
− | /usr/sbin/brctl addbr | + | /usr/sbin/brctl addbr vzbr1 |
If the above commands do not work you may need to install the bridge-utils package. | If the above commands do not work you may need to install the bridge-utils package. | ||
− | 2. Make note of the existing IP configuration in the hosts ifcfg-ethN files. | + | 2. Make note of the existing IP configuration in the hosts ifcfg-ethN files. Then, modify the ifcfg-ethN files on the host so that they ONLY bridge to the corresponding vzbrN interface. /etc/sysconfig/network-scripts/ifcfg-eth0 should look like: |
− | |||
− | |||
− | |||
− | |||
− | Then, modify the ifcfg-ethN files on the host so that they ONLY bridge to the corresponding | ||
DEVICE=eth0 | DEVICE=eth0 | ||
BOOTPROTO=none | BOOTPROTO=none | ||
ONBOOT=yes | ONBOOT=yes | ||
− | BRIDGE= | + | BRIDGE=vzbr0 |
Similarly ifcfg-eth1 will look like: | Similarly ifcfg-eth1 will look like: | ||
Line 33: | Line 25: | ||
BOOTPROTO=none | BOOTPROTO=none | ||
ONBOOT=yes | ONBOOT=yes | ||
− | BRIDGE= | + | BRIDGE=vzbr1 |
Note that the ifcfg-ethN files on the host do not contain any IP information anymore. | Note that the ifcfg-ethN files on the host do not contain any IP information anymore. | ||
− | 3. Create ifcfg- | + | 3. Create ifcfg-vzbrN files and copy the IP configuration that was previously in the ifcfg-ethN files into ifcfg-vzbrN. Here's what host:/etc/sysconfig/network-scripts/ifcfg-vzbr0 would look like assuming the IPv4 address is assigned statically and IPv6 auto-configuration (SLAAC) is used: |
− | DEVICE= | + | DEVICE=vzbr0 |
BOOTPROTO=static | BOOTPROTO=static | ||
IPADDR=xxx.xxx.xxx.xxx | IPADDR=xxx.xxx.xxx.xxx | ||
NETMASK=aaa.aaa.aaa.aaa | NETMASK=aaa.aaa.aaa.aaa | ||
ONBOOT=yes | ONBOOT=yes | ||
− | TYPE= | + | TYPE=bridge |
− | |||
− | Similarly, ifcfg- | + | Similarly, ifcfg-vzbr1 should look like: |
− | DEVICE= | + | DEVICE=vzbr1 |
BOOTPROTO=static | BOOTPROTO=static | ||
IPADDR=yyy.yyy.yyy.yyy | IPADDR=yyy.yyy.yyy.yyy | ||
NETMASK=bbb.bbb.bbb.bbb | NETMASK=bbb.bbb.bbb.bbb | ||
ONBOOT=yes | ONBOOT=yes | ||
− | TYPE= | + | TYPE=bridge |
− | |||
− | |||
− | |||
− | |||
− | |||
− | 4. On the host, do a 'service network restart' and verify the host has both IPv4 and IPv6 connectivity to its | + | 4. On the host, do a 'service network restart' and verify the host has both IPv4 and IPv6 connectivity to its vzbrN interfaces. |
==Create the VE veth interfaces== | ==Create the VE veth interfaces== | ||
− | 5. Create the VE as you normally would | + | 5. Create the VE as you normally would except do NOT specify any IP address, just the hostname. Specifying an IP address during VE creation creates an unwanted venet interface which is not used in this configuration. |
/usr/sbin/vzctl create 100 --ostemplate name --hostname name | /usr/sbin/vzctl create 100 --ostemplate name --hostname name | ||
Line 80: | Line 66: | ||
==Bridge the host and VE== | ==Bridge the host and VE== | ||
− | 7. Next we add the host vethN interfaces to the host bridged interfaces ( | + | 7. Next we add the host vethN interfaces to the host bridged interfaces (vzbrN). |
Create host:/etc/sysconfig/network-scripts/ifcfg-veth100.0 | Create host:/etc/sysconfig/network-scripts/ifcfg-veth100.0 | ||
Line 86: | Line 72: | ||
DEVICE=veth100.0 | DEVICE=veth100.0 | ||
ONBOOT=no | ONBOOT=no | ||
− | BRIDGE= | + | BRIDGE=vzbr0 |
Create host:/etc/sysconfig/network-scripts/ifcfg-veth100.1 | Create host:/etc/sysconfig/network-scripts/ifcfg-veth100.1 | ||
Line 92: | Line 78: | ||
DEVICE=veth100.1 | DEVICE=veth100.1 | ||
ONBOOT=no | ONBOOT=no | ||
− | BRIDGE= | + | BRIDGE=vzbr1 |
To make the above take effect, either start the VE, | To make the above take effect, either start the VE, | ||
Line 100: | Line 86: | ||
Or if it's already started then manually add each VE interface to its corresponding bridge using: | Or if it's already started then manually add each VE interface to its corresponding bridge using: | ||
− | /usr/sbin/brctl addif | + | /usr/sbin/brctl addif vzbr0 veth100.0 |
− | /usr/sbin/brctl addif | + | /usr/sbin/brctl addif vzbr1 veth100.1 |
8. Verify each bridge includes the host interface and the veth interfaces for each VE: | 8. Verify each bridge includes the host interface and the veth interfaces for each VE: | ||
Line 124: | Line 110: | ||
NETMASK=yyy.yyy.yyy.yyy | NETMASK=yyy.yyy.yyy.yyy | ||
ONBOOT=yes | ONBOOT=yes | ||
− | |||
10. Initialize the interfaces and restart the network service on the container. | 10. Initialize the interfaces and restart the network service on the container. | ||
Line 161: | Line 146: | ||
and you will be good to go. The CT will now autoconfigure the network interfaces the next time it sees an RA. | and you will be good to go. The CT will now autoconfigure the network interfaces the next time it sees an RA. | ||
− | NOTE: Due to bug [http://bugzilla.openvz.org/show_bug.cgi?id=1723 1723] this setup might not work: Enabling the routing on CT0 can effectively kill all IPv6 connectivity for the CT, depending on the setup. | + | NOTE: Due to bug [http://bugzilla.openvz.org/show_bug.cgi?id=1723 1723] this setup might not work: Enabling the routing on CT0 can effectively kill all IPv6 connectivity for the CT, depending on the setup. |
==See also== | ==See also== |