Re: [Vserver] Re: util-vserver 0.30.208 debs?
Hello On Fri, Aug 19, 2005 at 01:29:02AM +0200, Herbert Poetzl wrote: > On Thu, Aug 18, 2005 at 12:49:54PM +0200, Ola Lundqvist wrote: > > Hello > > > > Just uploaded 208 debs for Debian. Please test. > > thanks a lot Ola! > > btw, did you incorporate the updates for the alternative > syscall implementation yet? if so, we found a bug today > and fixed it promptly, if not, please consider to do so > > the following patches should be of interest to you: > > > http://vserver.13thfloor.at/Experimental/UTIL-VSERVER/delta-0.30.208-kheaders.diff > > http://vserver.13thfloor.at/Experimental/UTIL-VSERVER/delta-0.30.208-shiny7.diff > I used the 208 relese with the corresponding patch file. I was not able to apply the patch files you give me here... [EMAIL PROTECTED]:~/build/debian/util-vserver/unstable/util-vserver-0.30.208$ patch -p1 < debian/patches/delta-0.30.208-kheaders.diff patching file kernel/cvirt_def.h Reversed (or previously applied) patch detected! Assume -R? [n] [EMAIL PROTECTED]:~/build/debian/util-vserver/unstable/util-vserver-0.30.208$ patch -p1 < debian/patches/delta-0.30.208-shiny7.diff patching file lib/syscall-alternative.h Hunk #1 FAILED at 1. 1 out of 1 hunk FAILED -- saving rejects to file lib/syscall-alternative.h.rej > they fix syscall support for many archs debian still > supports ... Interesting. Regards, // Ola > best, > Herbert > > > Regards, > > > > // Ola > > [rest zapped] > > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver > -- - Ola Lundqvist --- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://www.opal.dhs.org UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] Problem Starting up a Vserver instance
Hi, I am struggling to get a single vserver instance up.I use this command to build the vserver from scratch: $ vserver tserv build -m skeleton --hostname face --interface eth0:10.1.10.1 --rootdir=/var/lib/vservers --force This file (and a few others) was automatically created $ cat /etc/vservers/tserv/fstab none /procprocdefaults 0 0 none /tmp tmpfs size=16m,mode=17770 0 none /dev/pts devpts gid=5,mode=6200 0 This is my vservers.conf $ cat /etc/vservers.conf BACKGROUND=no VSERVERS_ROOT=/var/lib/vservers GENERATEMTAB=yes But when I try to start the vserver instance I get this error: $ vserver tserv start secure-mount: chdir("/tmp"): No such file or directory /usr/local/etc/vservers/tserv/fstab:2:1: failed to mount fstab-entry find: var/run: No such file or directory fakerunlevel: open("/var/run/utmp"): No such file or directory Failed to start vserver 'tserv' What could have gone wrong? ~$ubh ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: util-vserver 0.30.208 debs?
On Thu, Aug 18, 2005 at 12:49:54PM +0200, Ola Lundqvist wrote: > Hello > > Just uploaded 208 debs for Debian. Please test. thanks a lot Ola! btw, did you incorporate the updates for the alternative syscall implementation yet? if so, we found a bug today and fixed it promptly, if not, please consider to do so the following patches should be of interest to you: http://vserver.13thfloor.at/Experimental/UTIL-VSERVER/delta-0.30.208-kheaders.diff http://vserver.13thfloor.at/Experimental/UTIL-VSERVER/delta-0.30.208-shiny7.diff they fix syscall support for many archs debian still supports ... best, Herbert > Regards, > > // Ola [rest zapped] ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: util-vserver 0.30.208 debs?
> http://incoming.debian.org/ cool, didn't know that ;-) thnx! installed it on a testhost, stopped/started two vservers, restarted vprocunhide (didn't restart the whole host as I need it atm :) seems that everything is fine - I have to leave now, will do more tests later. Cheers, Thomas Gelf -- Thomas Gelf <[EMAIL PROTECTED]> ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: util-vserver 0.30.208 debs?
On Thu, Aug 18, 2005 at 02:43:41PM +0200, Thomas Gelf wrote: > Hi Ola, > > I would really like to test it immediately - but atm I can see that > you did something ( http://packages.qa.debian.org/u/util-vserver.html > and http://packages.qa.debian.org/u/util-vserver/news/1.html ) but > have no idea where to get the binary package from. http://incoming.debian.org/ Regards, // Ola > Cheers, > Thomas Gelf > > Am Donnerstag, den 18.08.2005, 12:49 +0200 schrieb Ola Lundqvist: > > Hello > > > > Just uploaded 208 debs for Debian. Please test. > > > > Regards, > > > > // Ola > > > > On Thu, Aug 18, 2005 at 08:32:31AM +0200, Ola Lundqvist wrote: > > > Hello > > > > > > On Mon, Aug 15, 2005 at 01:47:49PM +0200, Harald Kapper wrote: > > > > On Fri, 12 Aug 2005 18:19:45 + (UTC), John Goerzen <[EMAIL > > > > PROTECTED]> > > > > wrote: > > > > > > > > >> The debian maintainer is working on .208 debs now: > > > > >> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321659 > > > > > > > > > >It was really trivial (<5 min) to take the 207 and make 208 debs. I've > > > > >posted my source packages at http://www.complete.org/~jgoerzen/vs/ for > > > > >anyone that wants them. > > > > > > > > > >They include fix1. > > > > > > > > hi > > > > thanks for the dsc - one odd thing came up through building - it > > > > claimed (though > > > > installed) that beecrypt couldn't be found and this would not allow to > > > > vhashify > > > > - actually I'm quite clueless what this finally means, but maybe > > > > someone here > > > > can enlighten me. > > > > > > Note that if you use beecrypt2 it will work. That library is not > > > included in Debian sid so I can not use it. > > > > > > Regards, > > > > > > // Ola > > > > > > > regards > > > > Harald Kapper, icq# 36178328 http://kapper.net > > > > software-development and loeblichgasse 6 > > > > security-consulting 1090 vienna, .at > > > > tel +43 1 3195500-0, fax +43 1 3195502, [EMAIL PROTECTED] > > > > --mark--- > > > > Harry Block ("Deconstructing Harry", Woody Allen 1997): > > > > "I think you're the opposite of a paranoid. > > > > I think you go around with the insane delusion that people like you." > > > > ___ > > > > Vserver mailing list > > > > Vserver@list.linux-vserver.org > > > > http://list.linux-vserver.org/mailman/listinfo/vserver > > > > > > > > > > -- > > > - Ola Lundqvist --- > > > / [EMAIL PROTECTED] Annebergsslingan 37 \ > > > | [EMAIL PROTECTED] 654 65 KARLSTAD | > > > | +46 (0)54-10 14 30 +46 (0)70-332 1551 | > > > | http://www.opal.dhs.org UIN/icq: 4912500 | > > > \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / > > > --- > > > ___ > > > Vserver mailing list > > > Vserver@list.linux-vserver.org > > > http://list.linux-vserver.org/mailman/listinfo/vserver > > > > > > -- > Thomas Gelf <[EMAIL PROTECTED]> > > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver > -- - Ola Lundqvist --- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://www.opal.dhs.org UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: util-vserver 0.30.208 debs?
Hi! I have the same problem - where does the light go in the night? In the fridge? Where are debian packages uploaded by a maintainer but not available in sid and experimental? I cannot find an FTP link ;( Ola, please help those without patience! :) rgds, Andreas Thomas Gelf wrote: Hi Ola, I would really like to test it immediately - but atm I can see that you did something ( http://packages.qa.debian.org/u/util-vserver.html and http://packages.qa.debian.org/u/util-vserver/news/1.html ) but have no idea where to get the binary package from. Cheers, Thomas Gelf Am Donnerstag, den 18.08.2005, 12:49 +0200 schrieb Ola Lundqvist: Hello Just uploaded 208 debs for Debian. Please test. Regards, // Ola On Thu, Aug 18, 2005 at 08:32:31AM +0200, Ola Lundqvist wrote: Hello On Mon, Aug 15, 2005 at 01:47:49PM +0200, Harald Kapper wrote: On Fri, 12 Aug 2005 18:19:45 + (UTC), John Goerzen <[EMAIL PROTECTED]> wrote: The debian maintainer is working on .208 debs now: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321659 It was really trivial (<5 min) to take the 207 and make 208 debs. I've posted my source packages at http://www.complete.org/~jgoerzen/vs/ for anyone that wants them. They include fix1. hi thanks for the dsc - one odd thing came up through building - it claimed (though installed) that beecrypt couldn't be found and this would not allow to vhashify - actually I'm quite clueless what this finally means, but maybe someone here can enlighten me. Note that if you use beecrypt2 it will work. That library is not included in Debian sid so I can not use it. Regards, // Ola regards Harald Kapper, icq# 36178328 http://kapper.net software-development and loeblichgasse 6 security-consulting 1090 vienna, .at tel +43 1 3195500-0, fax +43 1 3195502, [EMAIL PROTECTED] --mark--- Harry Block ("Deconstructing Harry", Woody Allen 1997): "I think you're the opposite of a paranoid. I think you go around with the insane delusion that people like you." ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver -- - Ola Lundqvist --- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://www.opal.dhs.org UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: util-vserver 0.30.208 debs?
btw: I was using your 0.30.207-7 (on sarge) for a while now - it's running fine (also with vs2.0) Am Donnerstag, den 18.08.2005, 12:49 +0200 schrieb Ola Lundqvist: > Hello > > Just uploaded 208 debs for Debian. Please test. > > Regards, > > // Ola -- Thomas Gelf <[EMAIL PROTECTED]> ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: util-vserver 0.30.208 debs?
Hi Ola, I would really like to test it immediately - but atm I can see that you did something ( http://packages.qa.debian.org/u/util-vserver.html and http://packages.qa.debian.org/u/util-vserver/news/1.html ) but have no idea where to get the binary package from. Cheers, Thomas Gelf Am Donnerstag, den 18.08.2005, 12:49 +0200 schrieb Ola Lundqvist: > Hello > > Just uploaded 208 debs for Debian. Please test. > > Regards, > > // Ola > > On Thu, Aug 18, 2005 at 08:32:31AM +0200, Ola Lundqvist wrote: > > Hello > > > > On Mon, Aug 15, 2005 at 01:47:49PM +0200, Harald Kapper wrote: > > > On Fri, 12 Aug 2005 18:19:45 + (UTC), John Goerzen <[EMAIL PROTECTED]> > > > wrote: > > > > > > >> The debian maintainer is working on .208 debs now: > > > >> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321659 > > > > > > > >It was really trivial (<5 min) to take the 207 and make 208 debs. I've > > > >posted my source packages at http://www.complete.org/~jgoerzen/vs/ for > > > >anyone that wants them. > > > > > > > >They include fix1. > > > > > > hi > > > thanks for the dsc - one odd thing came up through building - it claimed > > > (though > > > installed) that beecrypt couldn't be found and this would not allow to > > > vhashify > > > - actually I'm quite clueless what this finally means, but maybe someone > > > here > > > can enlighten me. > > > > Note that if you use beecrypt2 it will work. That library is not > > included in Debian sid so I can not use it. > > > > Regards, > > > > // Ola > > > > > regards > > > Harald Kapper, icq# 36178328 http://kapper.net > > > software-development and loeblichgasse 6 > > > security-consulting 1090 vienna, .at > > > tel +43 1 3195500-0, fax +43 1 3195502, [EMAIL PROTECTED] > > > --mark--- > > > Harry Block ("Deconstructing Harry", Woody Allen 1997): > > > "I think you're the opposite of a paranoid. > > > I think you go around with the insane delusion that people like you." > > > ___ > > > Vserver mailing list > > > Vserver@list.linux-vserver.org > > > http://list.linux-vserver.org/mailman/listinfo/vserver > > > > > > > -- > > - Ola Lundqvist --- > > / [EMAIL PROTECTED] Annebergsslingan 37 \ > > | [EMAIL PROTECTED] 654 65 KARLSTAD | > > | +46 (0)54-10 14 30 +46 (0)70-332 1551 | > > | http://www.opal.dhs.org UIN/icq: 4912500 | > > \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / > > --- > > ___ > > Vserver mailing list > > Vserver@list.linux-vserver.org > > http://list.linux-vserver.org/mailman/listinfo/vserver > > > -- Thomas Gelf <[EMAIL PROTECTED]> ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] can not deactivate any block device with running vserver 2.0
On Thu, Aug 18, 2005 at 08:14:35AM +0200, Enrico Scholz wrote: > [EMAIL PROTECTED] ("lukas.rueegg [pixworx multimedia]") writes: > > >> c) using the cleanup feature we added to the kernel > >> (please discuss this with Enrico) > > enrico, we read your talk with sam and others in november '04 but didn't > > get any hints about the current status. is there any way of cleaning up > > a new namespace in the pre-start-script or generally for all namespaces > > available? > > > > at the moment, we are playing around with the pre-start-scripts, until > > now unsuccessfully... > > atm, manual unmounting in the *pre-start script will be the best > choice. The architecture of the 'vserver' script does not allow > automatic cleanup. Perhaps I will add some logic datermining and > unmounting removable devices but this will be more a hack than a > clean solution. > > I am thinking about a daemon doing the vserver startup; this daemon > could be started very early, lives in its own namespace and would not be > affected by changes in the main-namespace. But this daemon does not have > a big priority... well, it would solve a bunch of issues at once, but it would probably run into the same problems once it is restarted, no? maybe we should improve the 'cleanup' of the guest namespace somehow, but I have absolutely no idea what your requirements in this regard are ... best, Herbert PS: guess I would appreciate some scheduled discussions via IRC or if you insist, we can do it via email ... > Enrico > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: Conversion script for legacy config files to new config directory
On Thu, Aug 18, 2005 at 08:20:20AM +0200, Ola Lundqvist wrote: > On Mon, Aug 15, 2005 at 09:33:58AM +0200, Dennis Roos wrote: > > On Sat, 2005-08-13 at 08:21 +0200, Dirk Ruediger wrote: > > > Hi Dennis, > > > > > > Dennis Roos wrote (some time ago): > > > > > > > > After half an hour of scripting I came up with a somewhat working > > > > conversion script for Linux-VServer configs to the new directory > > > > configuration layout. > > > > > > > > It has been created for my specific environment, but I hope it helps > > > > someone ;) > > > > > > I used your vscfg-conf.sh for my migration to the new config layout. > > > Thanks for providing this! > > No problem... Glad to have returned something useful for the community ;) > > > > > I adopted it and corrected the handling of multiple network devices. > > > Also I set the flag /apps/init/mark to "default" so that the vserver is > > > started via /etc/init.d/vserver-default (under debain at least ;-)) > > > So I want to share these changes too. > > It might be an idea to add the code to the wiki somewhere? If no one > > objects to this I can do this later today. > > Or even better. Add it to util-vserver package. excellent idea, second that ... best, Herbert > Regards, > > // Ola > > > > > -- > > Regards, > > Dennis Roos > > > > Network Engineer @ InTouch N.V. > > Middenweg 76 > > 1097 BS Amsterdam > > Tel: +31 (0)20 6752060 > > Fax: +31 (0)20 6758429 > > > > -=[Assumption is the mother of all f*ckups]=- > > > > > > ___ > > Vserver mailing list > > Vserver@list.linux-vserver.org > > http://list.linux-vserver.org/mailman/listinfo/vserver > > > > -- > - Ola Lundqvist --- > / [EMAIL PROTECTED] Annebergsslingan 37 \ > | [EMAIL PROTECTED] 654 65 KARLSTAD | > | +46 (0)54-10 14 30 +46 (0)70-332 1551 | > | http://www.opal.dhs.org UIN/icq: 4912500 | > \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / > --- > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
Re: [Vserver] Re: util-vserver 0.30.208 debs?
Hello Just uploaded 208 debs for Debian. Please test. Regards, // Ola On Thu, Aug 18, 2005 at 08:32:31AM +0200, Ola Lundqvist wrote: > Hello > > On Mon, Aug 15, 2005 at 01:47:49PM +0200, Harald Kapper wrote: > > On Fri, 12 Aug 2005 18:19:45 + (UTC), John Goerzen <[EMAIL PROTECTED]> > > wrote: > > > > >> The debian maintainer is working on .208 debs now: > > >> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321659 > > > > > >It was really trivial (<5 min) to take the 207 and make 208 debs. I've > > >posted my source packages at http://www.complete.org/~jgoerzen/vs/ for > > >anyone that wants them. > > > > > >They include fix1. > > > > hi > > thanks for the dsc - one odd thing came up through building - it claimed > > (though > > installed) that beecrypt couldn't be found and this would not allow to > > vhashify > > - actually I'm quite clueless what this finally means, but maybe someone > > here > > can enlighten me. > > Note that if you use beecrypt2 it will work. That library is not > included in Debian sid so I can not use it. > > Regards, > > // Ola > > > regards > > Harald Kapper, icq# 36178328 http://kapper.net > > software-development and loeblichgasse 6 > > security-consulting 1090 vienna, .at > > tel +43 1 3195500-0, fax +43 1 3195502, [EMAIL PROTECTED] > > --mark--- > > Harry Block ("Deconstructing Harry", Woody Allen 1997): > > "I think you're the opposite of a paranoid. > > I think you go around with the insane delusion that people like you." > > ___ > > Vserver mailing list > > Vserver@list.linux-vserver.org > > http://list.linux-vserver.org/mailman/listinfo/vserver > > > > -- > - Ola Lundqvist --- > / [EMAIL PROTECTED] Annebergsslingan 37 \ > | [EMAIL PROTECTED] 654 65 KARLSTAD | > | +46 (0)54-10 14 30 +46 (0)70-332 1551 | > | http://www.opal.dhs.org UIN/icq: 4912500 | > \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / > --- > ___ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver > -- - Ola Lundqvist --- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://www.opal.dhs.org UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
RE: [Vserver] 13thfloor.at down?
On Thu, 18 Aug 2005, martin rueegg [metaworx rueegg] wrote: > > Is the 13thfloor website down? Having trouble accessing it > > from the UK, get a timeout - anyone else seeing this? > > have the same from germany (isp: arcor.de) > > but not from switzerland (isp: easynet.ch) > Back now - looks like one of the transit providers had a routing loop. -- / Gary Wilson, aka dragon/dragonlord/dragonv480\ .'(_.--. e: [EMAIL PROTECTED] MSN: dragonv480 .--._)`. < _ | Skype:dragonv480 ICQ:342070475 AIM:dragonv480 | _ > `.( `--' w: http://volvo480.northernscum.org.uk `--' ).' \w: http://www.northernscum.org.uk / ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
RE: [Vserver] 13thfloor.at down?
> Is the 13thfloor website down? Having trouble accessing it > from the UK, get a timeout - anyone else seeing this? have the same from germany (isp: arcor.de) but not from switzerland (isp: easynet.ch) regards, martin. ___ Martin Rueegg Owner and IT staff member http://metaworx.ch metaworx rueegg mailto:[EMAIL PROTECTED] Site Office Germany Head Office Switzerland Birkentalstrasse 4Brandgrubenstrasse 23 DE-97209 Veitshoechheim CH-8610 Uster tel: +49 (931) 970 90 30tel: +41 (44) 99 44 044 fax: +49 (931) 970 90 88fax: +41 (44) 99 44 043 gsm: +49 (1520) 8 563 549 gsm: +41 (79) 312 50 15 mailto:[EMAIL PROTECTED] skype: martin.rueegg ___ ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
[Vserver] 13thfloor.at down?
Is the 13thfloor website down? Having trouble accessing it from the UK, get a timeout - anyone else seeing this? Thanks Gaz -- / Gary Wilson, aka dragon/dragonlord/dragonv480\ .'(_.--. e: [EMAIL PROTECTED] MSN: dragonv480 .--._)`. < _ | Skype:dragonv480 ICQ:342070475 AIM:dragonv480 | _ > `.( `--' w: http://volvo480.northernscum.org.uk `--' ).' \w: http://www.northernscum.org.uk / ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
RE: [Vserver] vserver + vlans
On Thu, 2005-08-18 at 09:58 +0200, metaworx lists wrote: > > On Tue, Aug 16, 2005 at 10:01:47AM +0200, Matvey Gladkikh wrote: > > > I have small question. Can vserver guests be bind to vlan > > > interfaces eg. bond0.10 not phisical eth0 and eth1? > > > > Yes > > > I have not tested on recent versions so though. > > we are running vlans on top of a bridged device and bind guests to this > interfaces and everything seems to work as expected so far. > > what we have not yet fully tested, whether different guests in different > vlans can communicate to each other while running on the same host (Kernel). > I suppose thy can, but this does normaly not match the intention sice you > place them in different vlans ;-) They probably can communicate with eachother, they all share the same routing table as they are in the same box :) > the reason is that it is the same kernal and therefore the packages do not > pass the vlan part of the device driver. a solution could be iptables, the > way we will try to separate the vservers. Try iproute2 (I got this originally from the wiki, but I don't have the link handy at the moment). Create a new routing table (I use the vlan ID as table ID, but anything goes as long as it's less than 255 (AFAIK) ) The versions in use with my setup are:# vserver-info Versions: Kernel: 2.6.11.6-grsec-vs1.9.5 VS-API: 0x00010025 util-vserver: 0.30.207; May 18 2005, 17:47:45 Here's an example: ${MYNET} == Server's network address ${SVRPFX} == Server's network prefix (CIDR notation) ${MYVLAN} == Vlan ID ${VLAN} == Vlan ID < 255 echo "10VLAN10" > /etc/iproute2/rt_tables ip rule add from ${MYNET}/${SVRPFX} table ${VLAN} ip route add ${MYNET}/${SVRPFX} dev eth1.${MYVLAN} table ${VLAN} ip route add default via ${MYGW} dev eth1.${MYVLAN} table ${VLAN} -- Regards, Dennis Roos Network Engineer @ InTouch N.V. Middenweg 76 1097 BS Amsterdam Tel: +31 (0)20 6752060 Fax: +31 (0)20 6758429 -=[Assumption is the mother of all f*ckups]=- ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
RE: [Vserver] vserver + vlans
> On Tue, Aug 16, 2005 at 10:01:47AM +0200, Matvey Gladkikh wrote: > > I have small question. Can vserver guests be bind to vlan > > interfaces eg. bond0.10 not phisical eth0 and eth1? > > Yes > I have not tested on recent versions so though. we are running vlans on top of a bridged device and bind guests to this interfaces and everything seems to work as expected so far. what we have not yet fully tested, whether different guests in different vlans can communicate to each other while running on the same host (Kernel). I suppose thy can, but this does normaly not match the intention sice you place them in different vlans ;-) the reason is that it is the same kernal and therefore the packages do not pass the vlan part of the device driver. a solution could be iptables, the way we will try to separate the vservers. regards, martin. ___ Martin Rueegg Owner and IT staff member http://metaworx.ch metaworx rueegg mailto:[EMAIL PROTECTED] Site Office Germany Head Office Switzerland Birkentalstrasse 4Brandgrubenstrasse 23 DE-97209 Veitshoechheim CH-8610 Uster tel: +49 (931) 970 90 30tel: +41 (44) 99 44 044 fax: +49 (931) 970 90 88fax: +41 (44) 99 44 043 gsm: +49 (1520) 8 563 549 gsm: +41 (79) 312 50 15 mailto:[EMAIL PROTECTED] skype: martin.rueegg ___ ___ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver