About this list Date view Thread view Subject view Author view Attachment view

From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Thu 03 Jul 2003 - 01:26:13 BST


On Wed, Jul 02, 2003 at 04:21:54PM -0400, Matthew Nuzum wrote:
> I've been following this thread with interest because I've experienced a
> similar problem. The answers are not yet clear to me though, so let me ask
> outright...
>
> If someone wants a dual-homed vserver where each of it's (vserver's)
> interfaces attaches to a different network, what would you do?
>
> For example, let's assume the physical server has two nics,
> eth0: 10.0.0.0/24 and
> eth1: 192.168.0.1/24.
>
> You want to be able to talk to computers on both networks. What I've found
> is that I can ping other vservers and the physical server using both
> interfaces, but I can only ping other physical computers through one of the
> interfaces.
>
> Here are the lines I've tried in my vserver's conf file:
> IPROOT="eth0:10.0.0.104 eth1:192.168.0.100"
> IPROOTDEV=eth0

 - first, you'll have to use eth0:10.0.0.104/255.255.255.0, if you
   want /24 on 10.x.x.x
 - second you have to specify "eth0 eth1" on IPROOTDEV, and
 - finally you should 'correct' the wrongly (due to a ctx-17 bug)
   assigned broadcast address ...

an example:

S_CONTEXT=5000
IPROOT="eth0:10.0.0.1/255.255.255.0 eth1:192.168.0.1/255.255.255.0"
IPROOTDEV="eth0 eth1"
#ONBOOT=yes
S_HOSTNAME=somename.somedomain.com
S_DOMAINNAME=
S_NICE=
S_FLAGS="lock nproc"
ULIMIT="-H -u 1000"
S_CAPS="CAP_NET_RAW"

after starting the vserver (in my case TE10), you'll get something
like this (among other interfaces) from ifconfig

eth0:TE10 Link encap:Ethernet HWaddr 00:E0:81:21:22:B1
          inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0
          UP BROADCAST MULTICAST MTU:1500 Metric:1
          Interrupt:19 Base address:0x3400

eth1:TE10 Link encap:Ethernet HWaddr 00:02:B3:BF:A2:64
          inet addr:192.168.0.1 Bcast:10.0.0.255 Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          Interrupt:17 Base address:0x3000

now take a look at the Bcast from eth1:TE101 (yes it actually is
named eth1:TE101, because the vserver code doesn't bother with
checking if the second alias is on another interface, and adds
the '1' to make the name unique) ... so this is wrong

# ifconfig eth1:TE101 broadcast 192.168.0.255

fixes it ...

eth1:TE10 Link encap:Ethernet HWaddr 00:02:B3:BF:A2:64
          inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          Interrupt:17 Base address:0x3000

[TE10] ping 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
64 bytes from 192.168.0.2: icmp_seq=1 ttl=255 time=0.208 ms
64 bytes from 192.168.0.2: icmp_seq=2 ttl=255 time=0.163 ms
64 bytes from 192.168.0.2: icmp_seq=3 ttl=255 time=0.175 ms

[TE10] ping 10.0.0.2
PING 10.0.0.2 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.212 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=0.174 ms
64 bytes from 10.0.0.1: icmp_seq=3 ttl=64 time=0.167 ms

HTH,
Herbert

> With this config, I could reach anything 10.0.0.* through eth0, but only the
> physical server and it's other vservers through eth1.
>
> Are there any other changes that would need to be made? Does anything need
> to be done inside the vserver?
>
> Matthew Nuzum | Makers of "Elite Content Management System"
> www.followers.net | View samples of Elite CMS in action
> matt_at_followers.net | http://www.followers.net/portfolio/
>
>
>


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 03 Jul 2003 - 01:42:50 BST by hypermail 2.1.3