Hi, as far as I understand, your network configuration is based on simple venet0 interface. Is that true? I suppose that you are faced with arp-problem but could you please elaborate your network configuration a little bit so one can understand what the exact environment is. It may be important if you are using several route tables. "ip a l", "ip route list table all", "ip rule list", "arp -n" would be enough I suppose.
Let me give you a hint so that you will be able to cope with the problem by yourself. venet0 is working according the following principle. If a remote machine is willing to communicate with a VE it send "arp-who has" request. This type of request reaches a HN and the HN is sending "arp reply" to the remote machine (that's why "arp -n" output should contain information about VE). Then the remote machine sends network packets to the HN but because of the additional route (see "ip route list" output) all packets are going inside VE through the HN. That's the principle of venet0 interface. To catch the problem I recommend you using "tcpdump" utility. Stanichenko Marat ________________________________________ От: users-boun...@openvz.org [users-boun...@openvz.org] от имени Dragomir Zhelev [dr...@delta.bg] Отправлено: 15 марта 2010 г. 18:39 Кому: users@openvz.org Тема: [Users] strange network problem Hi all :) , The problem is, that as containers are working, the network to someone or more than one stops. it is not necessary that the container is one and the same everytime. When I run ping to the container from the host node, there is no reply.I can enter the container with "vzctl enter XXX", but the problem stays. The problem is fixed when I execute ""/sbin/ifdown venet0 && /sbin/ifup venet0". Sometimes this doesn't help, because in 1 min, another container could stop. Sometimes it works normally for day or two without any problems, but after that it could start happening every 5 mins. I use the latest version of "centos" which is updated until the last update available. The kernel is Linux ufo.myhost.com 2.6.18-164.11.1.el5.028stab068.3 #1 SMP Wed Feb 17 15:22:30 MSK 2010 x86_64 x86_64 x86_64 GNU/Linux I have iptables rules only in FORWARD filter table and this rules are -j ACCEPT for traffic counting all other tables and rules are flush and with -P ACCEPT Regards. _______________________________________________ Users mailing list Users@openvz.org https://openvz.org/mailman/listinfo/users _______________________________________________ Users mailing list Users@openvz.org https://openvz.org/mailman/listinfo/users
