6,535
 edits
Changes
VE -> CT, container; ethernet->Ethernet; some formatting
'''Virtual ethernet Ethernet device''' is an ethernetEthernet-like device which can be used inside a [[VEcontainer]]. Unlike[[venet]] network device, veth device has a MAC address. Due to this, therefore it can be used in configurations, when veth is bridged to ethX or other device and VE container's user fully sets up his networking himself, including IPs, gateways etc.
Virtual ethernet Ethernet device consist of two ethernet Ethernet devices - -the one in [[CT0]] and another one in VECT. These devices are connected to each other, so if a packet goes to one
device it will come out from the other device.
== Virtual ethernet Ethernet device usage ==
=== Kernel module ===
</pre>
=== MAC addresses ===
MAC addresses must be entered in XX:XX:XX:XX:XX:XX format.
YOU MAY NOT NEED TO GENERATE MAC ADDRESSES BY HAND BECAUSE vzctl --netif_add veth_addMAY GENERATE THEM AUTOMATICALLY AS NECESSARY.
Nevertheless, there is a utility script available for generating MAC addresses: http://www.easyvmx.com/software/easymac.sh. It is to be used like this:
 ./easymac.sh -R
=== Adding veth to a VE CT ===
==== syntax vzctl version > 3.0.22 ====
Here
* <tt>ifname</tt> is the ethernet Ethernet device name in the VECT* <tt>mac</tt> is its MAC address in the VECT* <tt>host_ifname</tt>  is the ethernet Ethernet device name on the host ([[CT0]])
* <tt>host_mac</tt> is its MAC address on the host ([[CT0]])
* <tt>bridge</tt> is an optional parameter which can be used in custom network start scripts to automatically add  the interface to a bridge.
{{Note|All parameters except <code>ifname </code> are optional and are automatically generated if not specified.}}
Example:
Or, if you want to specify everything:
Or, if you want to specify the bridge (and leave the other values generated)autogenerated:
==== syntax vzctl version >= 3.0.14 ====
Here 
* <tt>dev_name</tt> is the ethernet Ethernet device name that you are creating on the [[CT0|host system]]
* <tt>dev_addr</tt> is its MAC address
* <tt>ve_dev_name</tt> is the corresponding ethernet Ethernet device name you are creating on the VECT
* <tt>ve_dev_addr</tt> is its MAC address
{{Note| that this option is incremental, so devices are added to already existing ones.}}
NB there are should no spaces after the commas.
Example:
</pre>
=== Removing veth from a VE CT ===
==== syntax vzctl version >= 3.0.14 ====
Here
* <code>dev_name</code> is the ethernet Ethernet device name in the [[VECT]].
{{Note|If you want to remove all ethernet Ethernet devices in VECT, use <code>all</code>.}}
Example:
==== syntax vzctl version < 3.0.14 ====
Example:
 vzctl set 101 --veth_del veth101.0 --save
After executing this command veth device with host-side Ethernet name
<code>veth101.0</code> will be removed from CT101 and veth configuration
will be updated in CT config file.
== Common configurations with virtual ethernet Ethernet devices ==
Module <tt>vzethdev</tt> must be loaded to operate with veth devices.
=== Simple configuration with virtual ethernet Ethernet device === ==== Start a CT ====  [host-node]# vzctl start 101
==== Add veth device to VE CT ====
This allocates a mac MAC address, and associates it with the host eth0 port.
==== Configure devices in CT0 ====
* These files did not exist for me when trying ([[User:Mrjcleaver|Mrjcleaver]] 14:04, 31 May 2008 (EDT))
==== Configure device in VE CT ====
<pre>
[host-node]# vzctl enter 101
==== Add route in [[CT0]] ====
 [host-node]# ip route add 192.168.0.101 dev veth101.0  === Virtual ethernet Ethernet device with IPv6 === ==== Start a [[CT]] ====  [host-node]# vzctl start 101 ==== Add veth device to the [[CT]] ====  [host-node]# vzctl set 101 --veth_add veth101.0,00:12:34:56:78:9A,eth0,00:12:34:56:78:9B --save
==== Start Configure devices in the [[VECT0]] ====<pre>[host-node]# vzctl start 101</pre>
==== Configure devices device in [[CT0CT]] ====<pre>[host-node]# ifconfig veth101.0 0[host-node]# echo 1 > /proc/sys/net/ipv6/conf/veth101.0/forwarding[host-node]# echo 1 > /proc/sys/net/ipv6/conf/eth0/forwarding[host-node]# echo 1 > /proc/sys/net/ipv6/conf/all/forwarding</pre>
==== Start router advertisement daemon (radvd) for IPv6 in CT0 ====
Then, start radvd:
==== Add IPv6 addresses to devices in [[CT0]] ====
</pre>
=== Virtual ethernet Ethernet devices can be joined in one bridge ===
Perform steps 1 - 4 from Simple configuration chapter for several containers and/or veth devices
See http://wiki.openvz.org/w/index.php?title=Virtual_Ethernet_device&diff=5990&oldid=5989 for a workaround that used to be described in this section.
That's it! At this point, when you restart the VE CT you should see a new line in the output, indicating that the interface is being configured and a new route being added. And you should be able to ping the host, and to enter the VE CT and use the network.
=== Making a bridged veth-device persistent ===
older vzctl doesn't offer an automatic function to do this.
1. First, edit the VECT's configuration to specify what is the host bridge , and to indicate that a custom script should be run when starting up a VECT.* Open up /etc/vz/conf/VEIDCTID.conf* Comment out any IP_ADDRESS entries to prevent a VENETCTNET-device from being created in the VECT
* Add or change the entry CONFIG_CUSTOMIZED="yes"
* Add an entry VZHOSTBR="<bridge if>" which is the bridge interface (already configured and up), you want to extend.
#!/bin/bash
# /usr/sbin/vznetaddbr
# a script to add virtual network interfaces (veth's) in a VE CT to a bridge on CT0
CONFIGFILE=/etc/vz/conf/$VEIDCTID.conf
. $CONFIGFILE
VZHOSTIF=`echo $NETIF |sed 's/^.*host_ifname=\(.*\),.*$/\1/g'`
if [ ! -n "$VZHOSTIF" ]; then
   echo "According to $CONFIGFILE VECT$VEID CTID has no veth interface configured."
   exit 1
fi
if [ ! -n "$VZHOSTBR" ]; then
   echo "According to $CONFIGFILE VECT$VEID CTID has no bridge interface configured."
   exit 1
fi
echo "Adding interface $VZHOSTIF to bridge $VZHOSTBR on CT0 for VECT$VEIDCTID"
/sbin/ifconfig $VZHOSTIF 0
echo 1 > /proc/sys/net/ipv4/conf/$VZHOSTIF/proxy_arp
</pre>
4. Of course, the VECT's operating system will need to have . Consult the manual for your VECT's OS for details.
When the VE CT is started, the veth specified in the NETIF value is added to the bridge specified. You can check this by doing <code>brctl show</code>
Inside the VE CT you can configure the interface statically or using dhcp, as a real interface attached to a switch on the lan.
=== Virtual ethernet Ethernet devices + VLAN ===
This configuration can be done by adding vlan device to the previous configuration.