About this list Date view Thread view Subject view Author view Attachment view

From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Thu 15 Apr 2004 - 14:20:14 BST


On Thu, Apr 15, 2004 at 12:27:17PM +0100, Chris Wilson wrote:
> Hi all,
>
> I'm afraid I'm a bit of a newbie at this, having just installed the
> vserver patches, and not read much of the documentation yet, so I
> apologise if this is a stupid question or a FAQ. I had a brief look at the
> mailing list archives but they weren't searchable so I couldn't find
> anything in a reasonable amount of time. Have you considered using MARC to
> archive messages? (http://marc.theaimsgroup.com)

no, but please contact Martin List-Petersen <martin_at_list-petersen.se>
he is maintaining one copy of the ml archives, maybe
you can help him with configuring a searchable archive ...

> I have three virtual machines on a vserver, call them A, B and C.
> Yesterday I wanted to add an IP address to A. So I added it to the end of
> the IPROOT line in /etc/vservers/A.conf, and entered the vserver. I
> noticed that my existing processes couldn't see the address, although the
> new ones could, which I was half-expecting, so I restarted the vserver.
>
> Then I got an effect I wasn't expecting. None of the addresses on A
> were pingable from outside! The machine simply didn't respond to ARPs for
> them. I checked the routing table and discovered that I was missing a
> route to the IP address which was the source of the ARPs, but even after I
> fixed this, I was still not getting any response.
>
> Then I changed the order of the addresses in the IPROOT line, hoping that
> I could get at least one of them working, and restarted the virtual
> machine, and suddenly they all started working again!
>
> But, having done that, I discovered this morning that another virtual
> machine, B, had similarly lost Internet access, at around the same time
> yesterday as I shut down A. I hadn't touched B at all. I ran "vserver B
> enter" and suddenly B's addresses started working again!

sounds really interesting ...

let's investigate this further if possible ...

> Virtual machine C, on the other hand, was completely unaffected by all
> this and worked fine the whole time!
>
> Does anyone have any ideas that could explain this bizarre behaviour? How
> is it that a machine can have an address configured, and not respond to
> ARPs for it, when it has a route to the source of the ARPs? There are no
> netfilter iptables rules, or strange routing configuration on this
> machine. It has just a single network interface with two subnets on it.
>
> Any advice you can give me would be greatly appreciated.

are you 100% sure that this isn't some hidden
arp table flushing / router not routing issue?

if so, please try to capture a network dump
(with a sniffer on the wire between router and host,
neither from the router nor from the host), which
shows that the host receives an arp request for
a configure (and available) interface address which
isn't answered ...

> I'm using the Vserver patch version 1.27 on kernel 2.4.25, and
> util-vserver-0.29.3-0 RPM, unmodified.
>
> By the way, when shutting down a vserver I get lots of errors about being
> unable to unmount various filesystems in other vservers, such as /proc. It
> doesn't seem to cause a problem, but it's a bit worrying, and slows down
> the shutdown process a lot. Is there a workaround for this?

yes, if you 'configure' your client distro not to
do the 'normally' required hardware and filesystem
stuff, then this will go away automatically ...

(for SysV based distros, it should be sufficient to
 remove most of the links from rc{0,6}.d)

HTH,
Herbert

> Cheers, Chris.
> --
> _ __ __ _
> / __/ / ,__(_)_ | Chris Wilson -- UNIX Firewall Lead Developer |
> / (_ ,\/ _/ /_ \ | NetServers.co.uk http://www.netservers.co.uk |
> \__/_/_/_//_/___/ | 21 Signet Court, Cambridge, UK. 01223 576516 |
>
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 15 Apr 2004 - 14:21:24 BST by hypermail 2.1.3