Menu
▾
▴
Re: [OpenNode-users] Venet route not added upon VM start
|
From: <ope...@li...> - 2010-11-09 07:46:55
|
Please do execute on hardware node 'service iptables stop' (verify that now iptables -L shows empty chains) and try networking from VM again - as said earlier default firewalling rules do not allow dns for venet. ---------------------------------------------- Andres Toomsalu, an...@ac... ope...@li... wrote: > Thanks for the continued support Andres. > > Let's start from the beginning and have a full snapshot. Following is > posting of both inside the VM and at the main node. > (code separated by ****) > > ********************************************************************************************************************************************* > Code Used to create the VM > ------------------------------------------ > vzctl create 504 --ostemplate centos-5-x86_64 > vzctl set 504 --ipadd 10.100.100.137 --save > vzctl set 504 --nameserver 10.100.100.137 --save > vzctl set 504 --hostname ct4.domain --save > vzctl set 504 --diskspace 10G:11G --save > vzctl set 504 --diskinodes 900000:910000 --save > vzctl set 504 --quotatime 600 --save > vzctl start 504 > vzctl set 504 --userpasswd root:1234 > vzctl exec 504 ps ax > > > > ********************************************************************************************************************************************** > Code used to lunch VM: > ----------------------------------- > > Inside VM: > [root@ct4 /]# ifconfig > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > inet6 addr: ::1/128 Scope:Host > UP LOOPBACK RUNNING MTU:16436 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > > venet0 Link encap:UNSPEC HWaddr > 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 > inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 > Mask:255.255.255.255 > UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > > venet0:0 Link encap:UNSPEC HWaddr > 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 > inet addr:10.100.100.137 P-t-P:10.100.100.137 > Bcast:10.100.100.137 Mask:255.255.255.255 > UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 > > [root@ct4 /]# iptables -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > [root@ct4 /]# ping google.com <http://google.com> > ping: unknown host google.com <http://google.com> > [root@ct4 /]# ping 10.100.100.1 > PING 10.100.100.1 (10.100.100.1) 56(84) bytes of data. > > --- 10.100.100.1 ping statistics --- > 19 packets transmitted, 0 received, 100% packet loss, time 18001ms > > > ********************************************************************************************************************************* > At the main Node: > ---------------------------- > [root@virtN ~]# ifconfig > eth0 Link encap:Ethernet HWaddr 00:25:90:1A:A7:72 > inet6 addr: fe80::225:90ff:fe1a:a772/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:12 errors:0 dropped:0 overruns:0 frame:0 > TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:100 > RX bytes:1002 (1002.0 b) TX bytes:468 (468.0 b) > Memory:faee0000-faf00000 > > eth1 Link encap:Ethernet HWaddr 00:25:90:1A:A7:73 > inet addr:10.100.100.141 Bcast:10.100.100.255 > Mask:255.255.255.0 > inet6 addr: fe80::225:90ff:fe1a:a773/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:60 errors:0 dropped:0 overruns:0 frame:0 > TX packets:76 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:100 > RX bytes:6439 (6.2 KiB) TX bytes:10143 (9.9 KiB) > Memory:fafe0000-fb000000 > > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > inet6 addr: ::1/128 Scope:Host > UP LOOPBACK RUNNING MTU:16436 Metric:1 > RX packets:3 errors:0 dropped:0 overruns:0 frame:0 > TX packets:3 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:336 (336.0 b) TX bytes:336 (336.0 b) > > venet0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 > inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:18 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 b) TX bytes:4572 (4.4 KiB) > > virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 > inet addr:192.168.122.1 Bcast:192.168.122.255 > Mask:255.255.255.0 > inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 b) TX bytes:468 (468.0 b) > > [root@virtN ~]# > [root@virtN ~]# iptables -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > ACCEPT udp -- anywhere anywhere udp > dpt:domain > ACCEPT tcp -- anywhere anywhere tcp > dpt:domain > ACCEPT udp -- anywhere anywhere udp > dpt:bootps > ACCEPT tcp -- anywhere anywhere tcp > dpt:bootps > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > ACCEPT all -- anywhere 192.168.122.0/24 > <http://192.168.122.0/24> state RELATED,ESTABLISHED > ACCEPT all -- 192.168.122.0/24 <http://192.168.122.0/24> > anywhere > ACCEPT all -- anywhere anywhere > REJECT all -- anywhere anywhere > reject-with icmp-port-unreachable > REJECT all -- anywhere anywhere > reject-with icmp-port-unreachable > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > [root@virtN ~]# > [root@virtN ~]# route > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref > Use Iface > 10.100.100.50 * 255.255.255.255 UH 0 0 > 0 venet0 > 10.100.100.49 * 255.255.255.255 UH 0 0 > 0 venet0 > 10.100.100.139 * 255.255.255.255 UH 0 0 > 0 venet0 > 10.100.100.137 * 255.255.255.255 UH 0 0 > 0 venet0 > 10.100.100.0 * 255.255.255.0 U 0 0 > 0 eth1 > 192.168.122.0 * 255.255.255.0 U 0 0 > 0 virbr0 > 169.254.0.0 * 255.255.0.0 U 0 0 > 0 eth1 > default 155-redbox.loca 0.0.0.0 UG 0 0 > 0 eth1 > [root@virtN ~]# > [root@virtN ~]# ping google.com <http://google.com> > PING google.com <http://google.com> (173.194.32.104) 56(84) bytes of data. > 64 bytes from yyz06s05-in-f104.1e100.net > <http://yyz06s05-in-f104.1e100.net> (173.194.32.104): icmp_seq=1 > ttl=57 time=1.02 ms > 64 bytes from yyz06s05-in-f104.1e100.net > <http://yyz06s05-in-f104.1e100.net> (173.194.32.104): icmp_seq=2 > ttl=57 time=0.996 ms > 64 bytes from yyz06s05-in-f104.1e100.net > <http://yyz06s05-in-f104.1e100.net> (173.194.32.104): icmp_seq=3 > ttl=57 time=0.988 ms > > --- google.com <http://google.com> ping statistics --- > 3 packets transmitted, 3 received, 0% packet loss, time 2000ms > rtt min/avg/max/mdev = 0.988/1.002/1.023/0.029 ms > [root@virtN ~]# > [root@virtN ~]# > [root@virtN ~]# ping 10.100.100.1 > PING 10.100.100.1 (10.100.100.1) 56(84) bytes of data. > 64 bytes from 10.100.100.1 <http://10.100.100.1>: icmp_seq=1 ttl=64 > time=0.419 ms > 64 bytes from 10.100.100.1 <http://10.100.100.1>: icmp_seq=2 ttl=64 > time=0.455 ms > > --- 10.100.100.1 ping statistics --- > 2 packets transmitted, 2 received, 0% packet loss, time 1000ms > rtt min/avg/max/mdev = 0.419/0.437/0.455/0.018 ms > [root@virtN ~]# > [root@virtN ~]# vzctl enter 504 > entered into CT 504 > [root@ct4 /]# ping google.com <http://google.com> > ping: unknown host google.com <http://google.com> > > Thanks, > Bruce > > > > On Mon, Nov 8, 2010 at 3:32 PM, <ope...@li... > <mailto:ope...@li...>> wrote: > > Have you tried to ping some other IP addresses from outside world > - default iptables rules on CentOS will block DNS traffic for > OpenVZ VM-s. > iptables -L output should show no rules in iptables chains in > order DNS to work for VM-s - or you must setup correct rules for > venet0 device to allow DNS traffic. > > -- > ---------------------------------------------- > Andres Toomsalu, an...@ac... <mailto:an...@ac...> > > > > > On 08.11.2010, at 6:49, ope...@li... > <mailto:ope...@li...> wrote: > >> Hello, >> >> I have followed the guide to create a VM from CentOS_5.5_x64 and >> assigned it IP 10.100.100.50 which is within the range of my DHCP >> router. I can ping the router and the router can ping the VM but >> there is no connection to outside world (e.g google.com >> <http://google.com/> is unreachable). I have noted that route for >> veneth has not populated when the interface started. Is there any >> specific reason to that? What can I do to get this running? >> >> *** I also get "SIOCADDRT: Network is unreachable" when I do >> service network restart. >> >> Following is all the output: >> >> [root@virtN /]# ifconfig >> lo Link encap:Local Loopback >> inet addr:127.0.0.1 Mask:255.0.0.0 >> inet6 addr: ::1/128 Scope:Host >> UP LOOPBACK RUNNING MTU:16436 Metric:1 >> RX packets:0 errors:0 dropped:0 overruns:0 frame:0 >> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:0 >> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) >> >> venet0 Link encap:UNSPEC HWaddr >> 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 >> inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 >> Mask:255.255.255.255 >> UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 >> RX packets:99 errors:0 dropped:0 overruns:0 frame:0 >> TX packets:115 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:0 >> RX bytes:7795 (7.6 KiB) TX bytes:9107 (8.8 KiB) >> >> venet0:0 Link encap:UNSPEC HWaddr >> 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 >> inet addr:10.100.100.50 P-t-P:10.100.100.50 >> Bcast:10.100.100.50 Mask:255.255.255.255 >> UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 >> >> [root@virtN /]# route >> Kernel IP routing table >> Destination Gateway Genmask Flags Metric Ref >> Use Iface >> 192.0.2.0 * 255.255.255.0 U 0 0 >> 0 venet0 >> 169.254.0.0 * 255.255.0.0 U 0 0 >> 0 venet0 >> default 192.0.2.1 0.0.0.0 UG 0 0 >> 0 venet0 >> [root@virtN /]# ping 10.100.100.1 >> PING 10.100.100.1 (10.100.100.1) 56(84) bytes of data. >> 64 bytes from 10.100.100.1 <http://10.100.100.1/>: icmp_seq=1 >> ttl=63 time=0.316 ms >> 64 bytes from 10.100.100.1 <http://10.100.100.1/>: icmp_seq=2 >> ttl=63 time=0.497 ms >> >> --- 10.100.100.1 ping statistics --- >> 2 packets transmitted, 2 received, 0% packet loss, time 999ms >> rtt min/avg/max/mdev = 0.316/0.406/0.497/0.092 ms >> [root@virtN /]# ping google.com <http://google.com/> >> PING google.com <http://google.com/> (173.194.32.104) 56(84) >> bytes of data. >> >> --- google.com <http://google.com/> ping statistics --- >> 3 packets transmitted, 0 received, 100% packet loss, time 1999ms >> >> [root@virtN /]# service network restart >> Shutting down interface venet0: [ OK ] >> Shutting down loopback interface: [ OK ] >> Bringing up loopback interface: [ OK ] >> Bringing up interface venet0: SIOCADDRT: Network is unreachable >> [ OK ] >> >> >> Thanks, >> Bruce >> ------------------------------------------------------------------------------ >> The Next 800 Companies to Lead America's Growth: New Video Whitepaper >> David G. Thomson, author of the best-selling book "Blueprint to a >> Billion" shares his insights and actions to help propel your >> business during the next growth cycle. Listen Now! >> http://p.sf.net/sfu/SAP-dev2dev_______________________________________________ >> OpenNode-users mailing list >> Ope...@li... >> <mailto:Ope...@li...> >> https://lists.sourceforge.net/lists/listinfo/opennode-users > > > ------------------------------------------------------------------------------ > The Next 800 Companies to Lead America's Growth: New Video Whitepaper > David G. Thomson, author of the best-selling book "Blueprint to a > Billion" shares his insights and actions to help propel your > business during the next growth cycle. Listen Now! > http://p.sf.net/sfu/SAP-dev2dev > _______________________________________________ > OpenNode-users mailing list > Ope...@li... > <mailto:Ope...@li...> > https://lists.sourceforge.net/lists/listinfo/opennode-users > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------------ > The Next 800 Companies to Lead America's Growth: New Video Whitepaper > David G. Thomson, author of the best-selling book "Blueprint to a > Billion" shares his insights and actions to help propel your > business during the next growth cycle. Listen Now! > http://p.sf.net/sfu/SAP-dev2dev > ------------------------------------------------------------------------ > > _______________________________________________ > OpenNode-users mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/opennode-users > |
