Re: [Vserver] Confused by routing

Herbert Poetzl Wed, 25 May 2005 00:39:02 -0700

On Wed, May 25, 2005 at 01:32:12AM +0200, Gilles wrote:
> 
> > 
> > > > > 3. How to set the source for a default route?
> > > > Using iproute2 you can use:
> > > >  ip rule add from ${MYNET}/${SVRPFX} table ${VLAN}
> > > >
> 
> Yes, as is explained in
>   http://archives.linux-vserver.org/200311/0470.html
> 
> [I'll still have to read the docs in order to understand the "rule"s.]
> 
> > > 
> > > >From the "ip" docs, one of the error (see below: "RTNETLINK answers: 
> > > >Invalid
> > > argument") comes from using the "rule" command, and seems related to a 
> > > missing 
> > > kernel feature (CONFIG_IP_MULTIPLE_TABLES).  But I can't find it in 
> > > ".config";
> > > has it changed name, or is it covered by another config option?
> > >From 2.6.11*:
> > CONFIG_IP_MULTIPLE_TABLES=y
> > 
> > Symbol: IP_MULTIPLE_TABLES [=y]
> >   ??? Prompt: IP: policy routing
> >   ???   Defined at net/ipv4/Kconfig:56
> >   ???   Depends on: NET && IP_ADVANCED_ROUTER
> >   ???   Location:
> >   ???     -> Device Drivers
> >   ???       -> Networking support
> >   ???         -> Networking support (NET [=y])
> >   ???           -> Networking options
> >   ???             -> TCP/IP networking (INET [=y])
> >   ???               -> IP: advanced router (IP_ADVANCED_ROUTER
> > [=y])          
> > 
> 
> I was missing that one, as Herbert had just told me.
> 
> > > > > 
> > > > > First I removed the "network" and "gateway" entries in the 
> > > > > "interfaces" file.
> > > > > Then I put a "routing.sh" script in 
> > > > > "/etc/vservers/phony/scripts/pre-start.d"
> > > > > containing the following lines:
> > > > > 
> > > > > ip route add 192.168.83.0/24 dev eth0.2
> > > > > ip route add default via 192.168.83.2 dev eth0.2
> > > > > ip rule add from 192.168.83.0/24
> > > > First of all, I have had issues when doing routing changes in the 
> > > > pre-start fase,
> > > > so I made a habbit of doing those changes in the post start fase and 
> > > > that solved
> > > > a lot of my problems.
> > > > 
>  
> It seems more coherent to set it in "pre-start" (if possible): probably 
> better not
> to have a running vserver without a sensible routing (?).
> 
> Now, with a new kernel (advanced router with multiple tables...):
> 
> Inside Vs1:
> # route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.83.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0.2
> 192.168.79.0    0.0.0.0         255.255.255.0   U     0      0        0 *
> 192.168.107.0   0.0.0.0         255.255.255.0   U     0      0        0 *
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 eth0.2
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 *
> 0.0.0.0         0.0.0.0         0.0.0.0         UG    0      0        0 *
> 
> Inside Vs2:
> # route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.83.0    0.0.0.0         255.255.255.0   U     0      0        0 *
> 192.168.79.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0.3
> 192.168.107.0   0.0.0.0         255.255.255.0   U     0      0        0 *
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 *
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 eth0.3
> 0.0.0.0         0.0.0.0         0.0.0.0         UG    0      0        0 *
> 
> And both have access to the Internet.
> 
> [Excerpt of] "/etc/network/interfaces" on Host1:
> -----
> # VLAN (Private)
> auto eth0.2
> iface eth0.2 inet static
>         address 192.168.83.1
>         netmask 255.255.255.0
>         mtu 1496
> 
> # VLAN (DMZ)
> auto eth0.3
> iface eth0.3 inet static
>         address 192.168.79.1
>         netmask 255.255.255.0
>         mtu 1496
> -----
> 
> And similarly on Host2 (except for the addresses, to be replaced by 
> "192.168.83.2"
> and "192.168.79.2", respectively).
> [The mtu setting seems important (as noted on the VLAN docs) here: All other 
> things
> equal, I had some strange "Temporary name resolution failure" and other ssh 
> hangs,
> which disappeared after lowering the mtu.]
> 
> 
> The routing is set up in "/etc/vserver/<name>/scripts/pre-start.d/".
> For "eth0.2", I have a file called "priv_routing.sh" with:
> -----
> ip route add 192.168.83.0/24 dev eth0.2 table 102
> ip route add default via 192.168.83.2 dev eth0.2 table 102
> ip rule add from 192.168.83.0/24 table 102
> -----
> 
> And for "eth0.3", a file called "dmz_routing":
> -----
> ip route add 192.168.79.0/24 dev eth0.3 table 103
> ip route add default via 192.168.79.2 dev eth0.3 table 103
> ip rule add from 192.168.79.0/24 table 103
> -----
> 
> 
> Yet... this error remains, at vserver startup:
> ERROR: trying to add VLAN #2 to IF -:eth0:-  error: Invalid argument
> 
> What about it?


well, we don't know your vserver config yet, but I'd
guess it's just a little wrong (i.e. it states to 'create'
the alias/ip for that interface which already exists)

but without config, that's hard to tell ...

best,
Herbert

> 
> 
> Best regards,
> Gilles
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Re: [Vserver] Confused by routing

Reply via email to