Editing Virtual Ethernet device
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
− | + | '''Virtual ethernet device''' is an ethernet-like device which can be used inside a [[VE]]. Unlike | |
− | + | [[venet]] network device, veth device has a MAC address. Due to this, it can be used in configurations, when veth is bridged to ethX or other device and VE user fully sets up his networking himself, | |
− | '''Virtual | + | including IPs, gateways etc. |
− | inside a [[ | ||
− | has a MAC address. | ||
− | is bridged to | ||
− | |||
− | himself, including IPs, gateways | ||
− | + | Virtual ethernet device consist of two ethernet devices - one in [[CT0]] and another one | |
− | + | in VE. These devices are connected to each other, so if a packet goes to one | |
− | one in [[CT0]] | + | device it will come out from the other device. |
− | connected to each other | ||
− | == Virtual | + | == Virtual ethernet device usage == |
− | === Kernel module === | + | === Kernel module === |
− | + | First of all, make sure the <code>vzethdev</code> module is loaded: | |
<pre> | <pre> | ||
# lsmod | grep vzeth | # lsmod | grep vzeth | ||
Line 24: | Line 18: | ||
</pre> | </pre> | ||
− | |||
In case it is not loaded, load it: | In case it is not loaded, load it: | ||
<pre> | <pre> | ||
Line 30: | Line 23: | ||
</pre> | </pre> | ||
− | + | You might want to add the module to <code>/etc/init.d/vz script</code>, so it will be loaded during startup. | |
− | |||
− | |||
− | |||
− | + | {{Note|since vzctl version 3.0.11, vzethdev is loaded by /etc/init.d/vz}} | |
− | + | ||
+ | === MAC addresses === | ||
+ | In the below commands, you should use random MAC addresses. Do not use MAC addresses of real eth devices, because this can lead to collisions. | ||
− | |||
MAC addresses must be entered in XX:XX:XX:XX:XX:XX format. | MAC addresses must be entered in XX:XX:XX:XX:XX:XX format. | ||
− | + | YOU MAY NOT NEED TO GENERATE MAC ADDRESSES BY HAND BECAUSE vzctl --netif_add MAY GENERATE THEM AUTOMATICALLY AS NECESSARY. | |
− | + | ||
+ | Nevertheless, there is a utility script available for generating MAC addresses: http://www.easyvmx.com/software/easymac.sh. It is to be used like this: | ||
− | + | chmod +x easymac.sh | |
− | chmod +x easymac.sh | ||
./easymac.sh -R | ./easymac.sh -R | ||
− | === Adding veth to a | + | === Adding veth to a VE === |
+ | |||
+ | ==== syntax vzctl version >= 3.0.14 ==== | ||
− | + | Read Update infos about [http://openvz.org/news/updates/vzctl-3.0.14-1 vzctl 3.0.14] | |
− | vzctl set < | + | |
+ | <pre> | ||
+ | vzctl set <VEID> --netif_add <ifname>[,<mac>,<host_ifname>,<host_mac] | ||
+ | </pre> | ||
− | |||
Here | Here | ||
− | * <tt>ifname</tt> is the | + | * <tt>ifname</tt> is the ethernet device name in the VE |
− | * <tt>mac</tt> is its MAC address in the | + | * <tt>mac</tt> is its MAC address in the VE |
− | * <tt>host_ifname</tt> is the | + | * <tt>host_ifname</tt> is the ethernet device name on the host ([[CT0]]) |
− | * <tt>host_mac</tt> is its MAC address on the host ([[CT0]] | + | * <tt>host_mac</tt> is its MAC address on the host ([[CT0]]) |
− | |||
− | + | {{Note|All parameters except ifname are optional and are automatically generated if not specified.}} | |
− | {{Note|All parameters except | ||
− | |||
Example: | Example: | ||
− | + | <pre> | |
− | vzctl set 101 --netif_add eth0 | + | vzctl set 101 --netif_add eth0 |
+ | </pre> | ||
− | + | Or, if you want to specify everything: | |
− | |||
− | + | <pre> | |
vzctl set 101 --netif_add eth0,00:12:34:56:78:9A,veth101.0,00:12:34:56:78:9B --save | vzctl set 101 --netif_add eth0,00:12:34:56:78:9A,veth101.0,00:12:34:56:78:9B --save | ||
+ | </pre> | ||
− | < | + | ==== syntax vzctl version < 3.0.14 ==== |
− | |||
− | + | <pre> | |
− | vzctl set | + | vzctl set <VEID> --veth_add <dev_name>,<dev_addr>,<ve_dev_name>,<ve_dev_addr> |
+ | </pre> | ||
− | < | + | Here |
− | + | * <tt>dev_name</tt> is the ethernet device name that you are creating on the [[CT0|host system]] | |
+ | * <tt>dev_addr</tt> is its MAC address | ||
+ | * <tt>ve_dev_name</tt> is the corresponding ethernet device name you are creating on the VE | ||
+ | * <tt>ve_dev_addr</tt> is its MAC address | ||
− | + | {{Note| that this option is incremental, so devices are added to already existing ones.}} | |
− | vzctl set 101 -- | + | |
+ | NB there are no spaces after the commas | ||
+ | |||
+ | Example: | ||
+ | <pre> | ||
+ | [host-node] ifconfig eth0 | ||
+ | ... | ||
+ | HWaddress 00:12:34:56:78:9B | ||
+ | ... | ||
+ | </pre> | ||
+ | |||
+ | <pre> | ||
+ | [host-node] easymac.sh -R | ||
+ | 00:12:34:56:78:9A | ||
+ | </pre> | ||
+ | |||
+ | <pre> | ||
+ | vzctl set 101 --veth_add veth101.0,00:12:34:56:78:9A,eth0,00:12:34:56:78:9B --save | ||
+ | </pre> | ||
+ | After executing this command <tt>veth</tt> device will be created for VE 101 and veth configuration will be saved to a VE configuration file. | ||
+ | Host-side ethernet device will have <tt>veth101.0</tt> name and <tt>00:12:34:56:78:9A</tt> MAC address. | ||
+ | VE-side ethernet device will have <tt>eth0</tt> name and <tt>00:12:34:56:78:9B</tt> MAC address. | ||
− | === Removing veth from a | + | === Removing veth from a VE === |
− | + | ==== syntax vzctl version >= 3.0.14 ==== | |
− | vzctl set < | + | <pre> |
+ | vzctl set <VEID> --netif_del <dev_name>|all | ||
+ | </pre> | ||
− | |||
Here | Here | ||
− | * <code>dev_name</code> is the | + | * <code>dev_name</code> is the ethernet device name in the [[VE]]. |
− | + | {{Note|If you want to remove all ethernet devices in VE, use <code>all</code>.}} | |
− | {{Note|If you want to remove all | ||
− | |||
Example: | Example: | ||
− | + | <pre> | |
vzctl set 101 --netif_del eth0 --save | vzctl set 101 --netif_del eth0 --save | ||
+ | </pre> | ||
− | |||
− | |||
− | === | + | ==== syntax vzctl version < 3.0.14 ==== |
+ | |||
+ | <pre> | ||
+ | vzctl set <VEID> --veth_del <dev_name> | ||
+ | </pre> | ||
+ | Here <tt>dev_name</tt> is the ethernet device name in the [[CT0|host system]]. | ||
+ | |||
+ | Example: | ||
+ | <pre> | ||
+ | vzctl set 101 --veth_del veth101.0 --save | ||
+ | </pre> | ||
+ | After executing this command veth device with host-side ethernet name veth101.0 will be removed from VE 101 and veth configuration will be updated in VE config file. | ||
− | |||
− | |||
− | ==== | + | == Common configurations with virtual ethernet devices == |
+ | Module <tt>vzethdev</tt> must be loaded to operate with veth devices. | ||
− | + | === Simple configuration with virtual ethernet device === | |
+ | |||
+ | ==== Start a VE ==== | ||
+ | <pre> | ||
[host-node]# vzctl start 101 | [host-node]# vzctl start 101 | ||
+ | </pre> | ||
− | ==== Add veth device to | + | ==== Add veth device to VE ==== |
− | + | <pre> | |
− | [host-node]# vzctl set 101 --netif_add | + | [host-node]# vzctl set 101 --netif_add veth101 --save |
+ | </pre> | ||
− | + | This allocates a mac address, and associates it with the host eth0 port | |
− | This allocates a | ||
− | ==== Configure devices in CT0 ==== | + | ==== Configure devices in CT0 ==== |
− | |||
<pre> | <pre> | ||
[host-node]# ifconfig veth101.0 0 | [host-node]# ifconfig veth101.0 0 | ||
Line 137: | Line 165: | ||
</pre> | </pre> | ||
− | ==== Configure device in | + | Notes: |
− | + | * These files did not exist for me when trying ([[User:Mrjcleaver|Mrjcleaver]] 14:04, 31 May 2008 (EDT)) | |
+ | |||
+ | ==== Configure device in VE ==== | ||
<pre> | <pre> | ||
[host-node]# vzctl enter 101 | [host-node]# vzctl enter 101 | ||
Line 146: | Line 176: | ||
</pre> | </pre> | ||
− | |||
Notes: | Notes: | ||
* Until you ifconfig eth0 it won't appear. When you do it will use the mac address netif_add added earlier | * Until you ifconfig eth0 it won't appear. When you do it will use the mac address netif_add added earlier | ||
* 192.168.0.101 is chosen to be an [[unrouteable private ip address]]. Where 101 reminds you that it is node 101. | * 192.168.0.101 is chosen to be an [[unrouteable private ip address]]. Where 101 reminds you that it is node 101. | ||
* The "ip route" tells all traffic to head to "device eth0" | * The "ip route" tells all traffic to head to "device eth0" | ||
− | * In theory you could | + | * In theory you could use dhcpcd or dhclient to pick up an DHCP address from your router instead of hardwiring it |
** http://openvz.org/pipermail/users/2005-November/000020.html | ** http://openvz.org/pipermail/users/2005-November/000020.html | ||
− | ==== Add route in [[CT0]] ==== < | + | ==== Add route in [[CT0]] ==== |
− | + | <pre> | |
− | + | [host-node]# ip route add 192.168.0.101 dev veth101.0 | |
+ | </pre> | ||
− | === | + | === Virtual ethernet device with IPv6 === |
− | + | ==== Start [[VE]] ==== | |
− | + | <pre> | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | ==== Start | ||
− | |||
− | |||
[host-node]# vzctl start 101 | [host-node]# vzctl start 101 | ||
+ | </pre> | ||
− | ==== Add veth device to | + | ==== Add veth device to [[VE]] ==== |
+ | <pre> | ||
+ | [host-node]# vzctl set 101 --veth_add veth101.0,00:12:34:56:78:9A,eth0,00:12:34:56:78:9B --save | ||
+ | </pre> | ||
− | + | ==== Configure devices in [[CT0]] ==== | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | ==== Configure | ||
− | |||
− | |||
<pre> | <pre> | ||
[host-node]# ifconfig veth101.0 0 | [host-node]# ifconfig veth101.0 0 | ||
− | [host-node]# | + | [host-node]# echo 1 > /proc/sys/net/ipv6/conf/veth101.0/forwarding |
+ | [host-node]# echo 1 > /proc/sys/net/ipv6/conf/eth0/forwarding | ||
+ | [host-node]# echo 1 > /proc/sys/net/ipv6/conf/all/forwarding | ||
</pre> | </pre> | ||
− | < | + | ==== Configure device in [[VE]] ==== |
− | + | <pre> | |
+ | [host-node]# vzctl enter 101 | ||
+ | [ve-101]# /sbin/ifconfig eth0 0 | ||
+ | </pre> | ||
− | + | ==== Start router advertisement daemon (radvd) for IPv6 in CT0 ==== | |
− | + | First you need to edit radvd configuration file. Here is a simple example of <tt>/etc/radv.conf</tt>: | |
− | |||
− | |||
− | |||
<pre> | <pre> | ||
− | + | interface veth101.0 | |
− | + | { | |
− | + | AdvSendAdvert on; | |
− | + | MinRtrAdvInterval 3; | |
− | + | MaxRtrAdvInterval 10; | |
− | + | AdvHomeAgentFlag off; | |
− | |||
− | + | prefix 3ffe:2400:0:0::/64 | |
− | + | { | |
− | + | AdvOnLink on; | |
− | + | AdvAutonomous on; | |
+ | AdvRouterAddr off; | ||
+ | }; | ||
+ | }; | ||
− | + | interface eth0 | |
− | |||
{ | { | ||
− | + | AdvSendAdvert on; | |
− | + | MinRtrAdvInterval 3; | |
− | + | MaxRtrAdvInterval 10; | |
− | + | AdvHomeAgentFlag off; | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | prefix 3ffe:0302:0011:0002::/64 | |
− | + | { | |
− | + | AdvOnLink on; | |
− | + | AdvAutonomous on; | |
− | + | AdvRouterAddr off; | |
− | + | }; | |
− | + | }; | |
</pre> | </pre> | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | Then, start radvd: | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
<pre> | <pre> | ||
− | [ | + | [host-node]# /etc/init.d/radvd start |
− | |||
− | |||
</pre> | </pre> | ||
− | + | ==== Add IPv6 addresses to devices in [[CT0]] ==== | |
− | |||
<pre> | <pre> | ||
− | + | [host-node]# ip addr add dev veth101.0 3ffe:2400::212:34ff:fe56:789a/64 | |
− | + | [host-node]# ip addr add dev eth0 3ffe:0302:0011:0002:211:22ff:fe33:4455/64 | |
− | |||
− | |||
− | |||
− | |||
</pre> | </pre> | ||
− | === Virtual | + | === Virtual ethernet devices can be joined in one bridge === |
+ | Perform steps 1 - 4 from Simple configuration chapter for several containers and/or veth devices | ||
− | + | ==== Create bridge device ==== | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | ==== Create bridge device ==== | ||
<pre> | <pre> | ||
[host-node]# brctl addbr vzbr0 | [host-node]# brctl addbr vzbr0 | ||
</pre> | </pre> | ||
− | ==== Add veth devices to bridge ==== | + | ==== Add veth devices to bridge ==== |
<pre> | <pre> | ||
[host-node]# brctl addif vzbr0 veth101.0 | [host-node]# brctl addif vzbr0 veth101.0 | ||
Line 293: | Line 278: | ||
</pre> | </pre> | ||
− | ==== Configure bridge device ==== | + | ==== Configure bridge device ==== |
<pre> | <pre> | ||
[host-node]# ifconfig vzbr0 0 | [host-node]# ifconfig vzbr0 0 | ||
+ | [host-node]# echo 1 > /proc/sys/net/ipv4/conf/vzbr0/forwarding | ||
+ | [host-node]# echo 1 > /proc/sys/net/ipv4/conf/vzbr0/proxy_arp | ||
</pre> | </pre> | ||
− | === | + | ==== Add routes in [[CT0]] ==== |
− | + | <pre> | |
+ | [host-node]# ip route add 192.168.101.1 dev vzbr0 | ||
+ | ... | ||
+ | [host-node]# ip route add 192.168.101.n dev vzbr0 | ||
+ | [host-node]# ip route add 192.168.102.1 dev vzbr0 | ||
+ | ... | ||
+ | ... | ||
+ | [host-node]# ip route add 192.168.XXX.N dev vzbr0 | ||
+ | </pre> | ||
− | + | Thus you'll have more convinient configuration, i.e. all routes to containers will be through this bridge and containers can communicate with each other even without these routes. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | === Making a veth-device persistent === | |
According to http://bugzilla.openvz.org/show_bug.cgi?id=301 , a bug that stopped the veth device persistent was "Obsoleted now when --veth_add/--veth_del are introduced" | According to http://bugzilla.openvz.org/show_bug.cgi?id=301 , a bug that stopped the veth device persistent was "Obsoleted now when --veth_add/--veth_del are introduced" | ||
− | + | See http://wiki.openvz.org/w/index.php?title=Virtual_Ethernet_device&diff=5990&oldid=5989 for a workaround that used to be described in this section. | |
− | See http://wiki.openvz.org/w/index.php?title=Virtual_Ethernet_device&diff=5990&oldid=5989 | + | |
+ | That's it! At this point, when you restart the VE you should see a new line in the output, indicating that the interface is being configured and a new route being added. And you should be able to ping the host, and to enter the VE and use the network. | ||
+ | |||
+ | === Making a bridged veth-device persistent === | ||
+ | Like the above example, here it is how to add the veth device to a bridge in a persistent way. vzctl doesn't offer an automatic function to do this. | ||
+ | |||
+ | 1. First, edit the VE's configuration to specify what is the host bridge , and to indicate that a custom script should be run when starting up a VE. | ||
+ | * Open up /etc/vz/conf/VEID.conf | ||
+ | * Comment out any IP_ADDRESS entries to prevent a VENET-device from being created in the VE | ||
+ | * Add or change the entry CONFIG_CUSTOMIZED="yes" | ||
+ | * Add an entry VZHOSTBR="<bridge if>" which is the bridge interface (already configured and up), you want to extend. | ||
+ | |||
+ | 2. Now to create that "custom script". The following helper script will check the configuration file for the bridge interface name and for the veth interface, and add the interface to the bridge. Create the script /usr/sbin/vznetaddbr to have the following, and then <code>chmod 0500 /usr/sbin/vznetaddbr</code> to make it executable. | ||
+ | |||
+ | <pre> | ||
+ | #!/bin/bash | ||
+ | # /usr/sbin/vznetaddbr | ||
+ | # a script to add virtual network interfaces (veth's) in a VE to a bridge on CT0 | ||
+ | |||
+ | CONFIGFILE=/etc/vz/conf/$VEID.conf | ||
+ | . $CONFIGFILE | ||
+ | VZHOSTIF=`echo $NETIF |sed 's/^.*host_ifname=\(.*\),.*$/\1/g'` | ||
− | + | if [ ! -n "$VZHOSTIF" ]; then | |
− | + | echo "According to $CONFIGFILE VE$VEID has no veth interface configured." | |
+ | exit 1 | ||
+ | fi | ||
− | + | if [ ! -n "$VZHOSTBR" ]; then | |
+ | echo "According to $CONFIGFILE VE$VEID has no bridge interface configured." | ||
+ | exit 1 | ||
+ | fi | ||
− | + | echo "Adding interface $VZHOSTIF to bridge $VZHOSTBR on CT0 for VE$VEID" | |
− | + | /sbin/ifconfig $VZHOSTIF 0 | |
+ | echo 1 > /proc/sys/net/ipv4/conf/$VZHOSTIF/proxy_arp | ||
+ | echo 1 > /proc/sys/net/ipv4/conf/$VZHOSTIF/forwarding | ||
+ | /usr/sbin/brctl addif $VZHOSTBR $VZHOSTIF | ||
− | < | + | exit 0 |
− | + | </pre> | |
− | + | 3. Now create /etc/vz/vznet.conf containing the following. This is what defines the "custom script" as being the vznetaddbr which you just created. | |
− | |||
− | |||
<pre> | <pre> | ||
+ | #!/bin/bash | ||
EXTERNAL_SCRIPT="/usr/sbin/vznetaddbr" | EXTERNAL_SCRIPT="/usr/sbin/vznetaddbr" | ||
</pre> | </pre> | ||
− | + | 4. Of course, the VE's operating system will need to have . Consult the manual for your VE's OS for details. | |
− | + | ||
− | < | + | When the VE is started, the veth specified in the NETIF value is added to the bridge specified. You can check this by doing <code>brctl show</code> |
− | |||
− | </ | ||
− | + | Inside the VE you can configure the interface statically or using dhcp, as a real interface attached to a switch on the lan. | |
− | |||
− | === Virtual | + | === Virtual ethernet devices + VLAN === |
This configuration can be done by adding vlan device to the previous configuration. | This configuration can be done by adding vlan device to the previous configuration. | ||
− | == See also == | + | == See also == |
* [[Virtual network device]] | * [[Virtual network device]] | ||
* [[Differences between venet and veth]] | * [[Differences between venet and veth]] | ||
* [[Using private IPs for Hardware Nodes]] | * [[Using private IPs for Hardware Nodes]] | ||
− | |||
* Troubleshooting: [[Bridge doesn't forward packets]] | * Troubleshooting: [[Bridge doesn't forward packets]] | ||
− | == External links == | + | == External links == |
* [http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/hints-daemons-radvd.html Linux IPv6 HOWTO, a chapter about radvd] | * [http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/hints-daemons-radvd.html Linux IPv6 HOWTO, a chapter about radvd] | ||
− | * [http:// | + | * [http://vireso.blogspot.com/2008/02/2-veth-with-2-brindges-on-openvz-at.html 2 veth with 2 bridges setup] |
− | |||
− | |||
− | |||
[[Category: Networking]] | [[Category: Networking]] | ||
[[Category: HOWTO]] | [[Category: HOWTO]] |