From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Tue 15 Mar 2005 - 22:52:39 GMT
On Mon, Mar 14, 2005 at 05:29:22PM +0100, Martin Pauly wrote:
> Hi all,
>
> I want to build a setup with 1 box running 2 vservers on top of
> 2.4.29-vs1.2.10, each one using its own Ethernet interface
> and its own gateway. Its's exactly what has been discussed in
> http://www.paul.sladen.org/vserver/archives/200302/0091.html
we had this 'recently' on irc (2005-03-07)
Bertl> okay, let me try to make a test/example with local ips,
I'll try to create it with qemu, and you try to map it to
your case later ...
Bertl> 90: tun0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
Bertl> link/ether aa:aa:aa:00:00:00 brd ff:ff:ff:ff:ff:ff
Bertl> inet 10.0.0.1/24 brd 10.0.0.255 scope global tun0
Bertl> 91: tun1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
Bertl> link/ether aa:aa:aa:00:00:01 brd ff:ff:ff:ff:ff:ff
Bertl> inet 10.0.1.1/24 brd 10.0.1.255 scope global tun1
Bertl> the qemu vserver host sees eth0 and eth1, no config no routing yet
Bertl> first the essentials:
Bertl> # ifconfig lo 127.0.0.1
Bertl> # ifconfig eth0 10.0.0.2 netmask 255.255.255.0 broadcast 10.0.0.255
Bertl> # ifconfig eth1 10.0.1.2 netmask 255.255.255.0 broadcast 10.0.1.255
Bertl> now the test if we can reach the 'routers'
Bertl> # chbind --ip 10.0.0.2 ping -c 1 10.0.0.1
Bertl> PING 10.0.0.1 (10.0.0.1) from 10.0.0.2 : 56(84) bytes of data.
Bertl> 64 bytes from 10.0.0.1: icmp_seq=0 ttl=64 time=1.757 msec
Bertl> # chbind --ip 10.0.1.2 ping -c 1 10.0.1.1
Bertl> PING 10.0.1.1 (10.0.1.1) from 10.0.1.2 : 56(84) bytes of data.
Bertl> 64 bytes from 10.0.1.1: icmp_seq=0 ttl=64 time=2.565 msec
Bertl> now we need to setup the 'source' tables and rules
Bertl> hmm, sec, have to compile in routing tables ;)
Bertl> okidoki, let's continue ...
Bertl> # ip route add 10.0.0.0/24 dev eth0 table 100
Bertl> # ip route add default via 10.0.0.1 dev eth0 table 100
Bertl> # ip rule add from 10.0.0.0/24 table 100
Bertl> and now the same for the second one ..
Bertl> # ip route add 10.0.1.0/24 dev eth1 table 101
Bertl> # ip route add default via 10.0.1.1 dev eth1 table 101
Bertl> # ip rule add from 10.0.1.0/24 table 101
Bertl> # chbind --ip 10.0.0.2 ping -c 1 192.168.0.1
Bertl> PING 192.168.0.1 (192.168.0.1) from 10.0.0.2 : 56(84) bytes of data.
Bertl> 64 bytes from 192.168.0.1: icmp_seq=0 ttl=64 time=6.766 msec
Bertl> this get's send over tun0
Bertl> while
Bertl> # chbind --ip 10.0.1.2 ping -c 1 192.168.0.1
Bertl> is sent over tun1, both reach the alias at dummy
(created on the qemu host)
HTH,
Herbert
> So I start off with the master IP 192.168.1.18/25 and the first
> vserver (called rsf1) at 137.248.1.53/25, both set up on eth1:
>
> 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
> 2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
> link/ether 00:0e:0c:5c:53:75 brd ff:ff:ff:ff:ff:ff
> 3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
> link/ether 00:0e:0c:5c:53:74 brd ff:ff:ff:ff:ff:ff
> inet 192.168.1.18/25 brd 192.168.1.127 scope global eth1
> inet 137.248.1.53/25 brd 137.248.1.127 scope global eth1:rsf1
> master22:/etc/vservers# ip route sh
>
> The routing table is what you'd expect:
> 137.248.1.0/25 dev eth1 proto kernel scope link src 137.248.1.53
> 192.168.1.0/25 dev eth1 proto kernel scope link src 192.168.1.18
> default via 192.168.1.126 dev eth1
>
> After starting the second vserver (called rst1) I get:
>
> 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
> 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
> link/ether 00:0e:0c:5c:53:75 brd ff:ff:ff:ff:ff:ff
> inet 137.248.9.13/27 brd 137.248.9.31 scope global eth0:rst1
> 3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
> link/ether 00:0e:0c:5c:53:74 brd ff:ff:ff:ff:ff:ff
> inet 192.168.1.18/25 brd 192.168.1.127 scope global eth1
> inet 137.248.1.53/25 brd 137.248.1.127 scope global eth1:rsf1
>
> The ifconfig call inside /sbin/vserver introduces another route on eth1:
>
> master22:/etc/vservers# ip route sh
> 137.248.9.0/27 dev eth0 proto kernel scope link src 137.248.9.13
> 137.248.1.0/25 dev eth1 proto kernel scope link src 137.248.1.53
> 192.168.1.0/25 dev eth1 proto kernel scope link src 192.168.1.18
> default via 192.168.1.126 dev eth1
>
> 4. Now I adjust the routing tables:
> master22:/etc/vservers# ip route del 137.248.9.0/27 dev eth0
> master22:/etc/vservers# ip route add 137.248.9.0/27 dev eth0 src 137.248.9.13 table 2
> master22:/etc/vservers# ip route add default dev eth0 via 137.248.9.30 src
> 137.248.9.13 table 2
> RTNETLINK answers: Network is unreachable
>
> Any idea what might go wrong here?
>
> Thanks for any hints
> Martin
>
> --
> Dr. Martin Pauly Fax: 49-6421-28-26994
> HRZ Univ. Marburg Phone: 49-6421-28-23527
> Hans-Meerwein-Str. E-Mail: pauly_at_HRZ.Uni-Marburg.DE
> D-35032 Marburg
>
>
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver