From: Gebhardt Thomas (gebhardt_at_hrz.uni-marburg.de)
Date: Thu 15 Apr 2004 - 15:35:54 BST
On Thursday 15 April 2004 13:27, Chris Wilson wrote:
Hi,
> Does anyone have any ideas that could explain this bizarre behaviour? How
> is it that a machine can have an address configured, and not respond to
> ARPs for it, when it has a route to the source of the ARPs? There are no
> netfilter iptables rules, or strange routing configuration on this
> machine. It has just a single network interface with two subnets on it.
>
> Any advice you can give me would be greatly appreciated.
maybe you got bitten by the same issue as I did. With
ip addr ls
(ip from the iproute2 suite) you can figure out which of the ip alias
interfaces are "secondary". These ip aliases will be removed if you
shut down the corresponding primary interface.
cf. my posting from 08.03.2004,
Subject: Running master and vservers in different ip subnets
######################################################
we had some problems with nasty side effects when stopping
one specific vserver: all other vservers on the same master lost
their network connectivity.
Herbert helped me to trace down the problem: We are running
the master server and the vservers in different ip subnets:
the vservers have a public ip address; the master has an
"intranet" address which is not routed beyond our intranet.
The kernel ip stack treats the first ip address within a "scope"
as primary and deletes all secondary ip addresses within
this scope when the primary address is taken down.
(ifconfig doesn't show the primary/secondary feature,
but ip from iproute2 does)
To get around this problem I
1. explicitely added an ip route for the public ip
subnet of the vservers:
route add -net <public subnet> netmask <netmask> gw <master ip addr> dev eth0
2. defined all vservers with subnet mask 255.255.255.255, i.e. host scope, so
every vserver is primary within its own scope.
IPROOT="eth0:<vserver ip address>"
IPROOTMASK=255.255.255.255
IPROOTBCAST=<vserver ip address>
I don't think that these vservers should use some ip broadcast protocol,
so I also set IPROOTBCAST to the vserver ip address.
It seems that this setup works for me.
Any comments?
Cheers, Thomas
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver