Editing Virtual network device
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
− | Virtual network device (<code>venet</code>) is the default network device for a [[container]]. | + | Virtual network device (<code>venet</code>) is the default network device for a [[container]]. This network device looks like a point-to-point connection between [[container]] and the [[CT0|host system]]. It does packet switching based on IP header. This is a default network device for container (an alternative is [[veth]] device). |
Venet drop ip-packets '''from''' the container with a source address, and '''in''' the container with the destination address, which is not corresponding to an ip-address of the container. | Venet drop ip-packets '''from''' the container with a source address, and '''in''' the container with the destination address, which is not corresponding to an ip-address of the container. | ||
Line 24: | Line 24: | ||
vzctl set <CTID> --ipadd <IP1>[,<IP2>,...] [--save] | vzctl set <CTID> --ipadd <IP1>[,<IP2>,...] [--save] | ||
</pre> | </pre> | ||
− | |||
− | |||
{{Note|This option is incremental, so IP addresses are added to already existing ones.}} | {{Note|This option is incremental, so IP addresses are added to already existing ones.}} | ||
Line 31: | Line 29: | ||
==== Example ==== | ==== Example ==== | ||
<pre> | <pre> | ||
− | vzctl set 101 --ipadd 10.0.0.1 | + | vzctl set 101 --ipadd 10.0.0.1 --save |
− | |||
</pre> | </pre> | ||
After executing this command IP address 10.0.0.1 will be added to container 101 and IP configuration will be saved to a container configuration file. | After executing this command IP address 10.0.0.1 will be added to container 101 and IP configuration will be saved to a container configuration file. | ||
Line 45: | Line 42: | ||
<pre> | <pre> | ||
vzctl set 101 --ipdel 10.0.0.1 | vzctl set 101 --ipdel 10.0.0.1 | ||
− | |||
</pre> | </pre> | ||
After executing this command IP address 10.0.0.1 will be removed from container 101, but IP configuration will not be changed in container config file. And after container reboot IP address 10.0.0.1 will be assigned to this container again. | After executing this command IP address 10.0.0.1 will be removed from container 101, but IP configuration will not be changed in container config file. And after container reboot IP address 10.0.0.1 will be assigned to this container again. | ||
− | == | + | == Sysctl == |
+ | |||
+ | You will need to configure some sysctl parameters to get your venet devices working. | ||
+ | Please have a look at the [[Installation_on_Debian#sysctl]] section. | ||
+ | |||
+ | == IPv6 == | ||
+ | |||
+ | To setup IPv6 networking with venet you'll need to enable the following in your sysctl.conf: | ||
− | + | <code> | |
+ | # IPv6 Packet Forwarding and Proxy NDP | ||
+ | net.ipv6.conf.default.forwarding = 1 | ||
+ | net.ipv6.conf.all.forwarding = 1 | ||
+ | net.ipv6.conf.default.proxy_ndp = 1 | ||
+ | net.ipv6.conf.all.proxy_ndp = 1 | ||
+ | </code> | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | In IPv6 you can't control forwarding per device, forwarding control has to take place in ip6tables, so all interfaces will forward IPv6 traffic. | |
− | + | ||
+ | If you enable IPv6 forwarding for your interfaces, Linux assumes your host to act like a router and will ignore 'Router Advertisments' | ||
+ | (see [http://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol Neighbor Discovery Protocol] or [http://mirrors.bieringer.de/Linux+IPv6-HOWTO/proc-sys-net-ipv6.html Linux IPv6 Howto]). | ||
+ | |||
+ | You will as well need to configure a new v6 default gateway for your host: | ||
− | + | <code> | |
− | + | ip addr add 2620:0:2d0:1::193/64 dev eth0 | |
+ | route -6 add default gw 2620:0:2d0:1::1 | ||
+ | </code> | ||
− | + | You can add these commands to your existing network configuration on Debian/Linux: | |
− | |||
− | |||
− | + | <code> | |
+ | iface eth0 inet static | ||
+ | address 64.131.90.7 | ||
+ | netmask 255.255.255.240 | ||
+ | network 64.131.90.0 | ||
+ | broadcast 64.131.90.15 | ||
+ | gateway 64.131.90.1 | ||
+ | up ip addr add 2620:0:2d0:1::193/64 dev eth0 | ||
+ | up route -6 add default gw 2620:0:2d0:1::1 | ||
+ | down ip addr del 3620:0:2d0:1::193/64 dev eth0 | ||
+ | </code> | ||
+ | == Limitations == | ||
+ | === No [http://en.wikipedia.org/wiki/Address_Resolution_Protocol ARP] protocol support === | ||
+ | Venet network device is explicitly NOARP, so there is no MAC address. | ||
+ | Consequently, it's not possible to make broadcasts inside a [[CT|container]], so software like Samba server or DHCP server, will not function (under a container with a venet network device).<br /> | ||
+ | Please consider use of [[veth]] network device if you need this feature | ||
− | + | === No bridge support === | |
+ | Venet network device cannot be bridged together and/or with other devices.<br /> | ||
+ | Please consider use of [[veth]] network device if you need this feature | ||
+ | |||
+ | === No possiblity to assign an IP from the CT === | ||
+ | With venet device, only OpenVZ [[Hardware_Node|hardware node]] administrator can assign an IP address to a [[CT|container]].<br /> | ||
+ | Please consider use of [[veth]] network device if you need this feature | ||
== See also == | == See also == |