Virtual Ethernet device

From OpenVZ Virtuozzo Containers Wiki
Revision as of 12:57, 8 June 2006 by 195.214.233.10 (talk) (Common configurations with virtual ethernet devices)
Jump to: navigation, search

Virtual ethernet device is ethernet device which can be used inside a VE. Unlike venet network device, veth device has a MAC address.

Virtual ethernet device consist of two ethernet devices - one in VE0 and another one in VE. These devices are connected to each other, so if a packet goes to one device it will come out from the other device.


Virtual ethernet device usage

Adding veth to a VE

vzctl set <VEID> --veth_add <dev_name>,<dev_addr>,<ve_dev_name>,<ve_dev_addr>

Here

  • dev_name is ethernet device name in the host system
  • dev_addr is its MAC address
  • ve_dev_name is an ethernet device name in the VE
  • ve_dev_addr is its MAC address

MAC addresses must be entered in XX:XX:XX:XX:XX:XX format. Note that this option is incremental, so devices are added to already existing ones.

Examples

vzctl set 101 --veth_add veth101.0,00:12:34:56:78:9A,eth0,00:12:34:56:78:9B --save

After executing this command veth device will be created for VE 101 and veth configuration will be saved to a VE configuration file. Host-side ethernet device will have veth101.0 name and 00:12:34:56:78:9A MAC address. VE-side ethernet device will have eth0 name and 00:12:34:56:78:9B MAC address.

Yellowpin.svg Note: Use random MAC addresses. Do not use MAC addresses of real eth devices, beacuse this can lead to collisions.

Removing veth from a VE

vzctl set <VEID> --veth_del <dev_name>

Here dev_name is the ethernet device name in the host system.

Example

vzctl set 101 --veth_del veth101.0 --save

After executing this command veth device with host-side ethernet name veth101.0 will be removed from VE 101 and veth configuration will be updated in VE config file.

Common configurations with virtual ethernet devices

Module vzethdev must be loaded to operate with veth devices.

Simple configuration with virtual ethernet device

1. Start VE

[host-node] vzctl start 101

2. Add veth device to VE

[host-node] vzctl set 101 --veth_add veth101.0,00:12:34:56:78:9A,eth0,00:12:34:56:78:9B --save

3. Configure devices in VE0

[host-node] ifconfig veth101.0 up
[host-node] echo 1 > /proc/sys/net/ipv4/conf/veth101.0/forwarding
[host-node] echo 1 > /proc/sys/net/ipv4/conf/veth101.0/proxy_arp
[host-node] echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding
[host-node] echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp

4. Configure device in VE

[host-node] vzctl enter 101
[ve-101] ifconfig eth0 up
[ve-101] ip addr add 192.168.0.101 dev eth0
[ve-101] ip ro add default dev eth0

5. Add route in VE0

[host-node] ip ro add 192.168.0.101 dev veth101.0

Virtual ethernet device can be used with IPv6

1. Start VE

[host-node] vzctl start 101

2. Add veth device to VE

[host-node] vzctl set 101 --veth_add veth101.0,00:12:34:56:78:9A,eth0,00:12:34:56:78:9B --save

3. Configure devices in VE0

[host-node] ifconfig veth101.0 up
[host-node] echo 1 > /proc/sys/net/ipv6/conf/veth101.0/forwarding
[host-node] echo 1 > /proc/sys/net/ipv6/conf/eth0/forwarding
[host-node] echo 1 > /proc/sys/net/ipv6/conf/all/forwarding

4. Configure device in VE

[host-node] vzctl enter 101
[ve-101] ifconfig eth0 up

5. Start router advertisement daemon (radvd) for IPv6 in VE0 Here is simple example of radv.conf

interface veth101.0
{
        AdvSendAdvert on;
        MinRtrAdvInterval 3;
        MaxRtrAdvInterval 10;
        AdvHomeAgentFlag off;

        prefix 3ffe:2400:0:0::/64
        {
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr off;
        };
};

interface eth0
{
        AdvSendAdvert on;
        MinRtrAdvInterval 3;
        MaxRtrAdvInterval 10;
        AdvHomeAgentFlag off;

        prefix 3ffe:0302:0011:0002::/64
        {
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr off;
        };
};

6. Add IPv6 addresses to devices in VE0

[host-node] ip a add dev veth101.0 3ffe:2400::212:34ff:fe56:789a/64
[host-node] ip a add dev eth0 3ffe:0302:0011:0002:211:22ff:fe33:4455/64

Virtual ethernet devices can be joined in one bridge

Thus you'll have more convinient configuration, i.e. all routes to VEs will be through this bridge and VEs can communicate with each other even without these routes.

Virtual ethernet devices + VLAN

This configuration can be done by adding vlan device to the previous configuration.