From: Dennis Roos (dennis_at_intouch.nl)
Date: Tue 24 May 2005 - 12:58:18 BST
On Tue, 2005-05-24 at 12:12 +0200, Gilles wrote:
> Hello.
>
> > >
> > > 1. How do the "users" of the gateway know their source address?
> > AFAIK it is the first interface that was created when starting the
> > vserver.
> >
>
> Euh, I meant, how to set up things so that the programs (== "users")
> which try to establish connections will work?
Well... As I said, it's an assumption based on experiences thus far, the
first interface created when starting the vserver is the source
interface for the vserver's users.
>
> > > 2. Does the output of "route" show an indication of what is the source?
> > Not necessarily ;)
> So how can I "see" what address is the "source" (so that I know whether
> that's the problem).
As above, the first interface that is created when starting the vserver. You
can check this from the source host using a sniffer or another tool to
watch network traffic.
> > > 3. How to set the source for a default route?
> > Using iproute2 you can use:
> > ip rule add from ${MYNET}/${SVRPFX} table ${VLAN}
> >
>
> >From the "ip" docs, one of the error (see below: "RTNETLINK answers: Invalid
> argument") comes from using the "rule" command, and seems related to a missing
> kernel feature (CONFIG_IP_MULTIPLE_TABLES). But I can't find it in ".config";
> has it changed name, or is it covered by another config option?
>From 2.6.11*:
CONFIG_IP_MULTIPLE_TABLES=y
Symbol: IP_MULTIPLE_TABLES [=y]
│ Prompt: IP: policy routing
│ Defined at net/ipv4/Kconfig:56
│ Depends on: NET && IP_ADVANCED_ROUTER
│ Location:
│ -> Device Drivers
│ -> Networking support
│ -> Networking support (NET [=y])
│ -> Networking options
│ -> TCP/IP networking (INET [=y])
│ -> IP: advanced router (IP_ADVANCED_ROUTER
[=y])
> > >
> > > First I removed the "network" and "gateway" entries in the "interfaces" file.
> > > Then I put a "routing.sh" script in "/etc/vservers/phony/scripts/pre-start.d"
> > > containing the following lines:
> > >
> > > ip route add 192.168.83.0/24 dev eth0.2
> > > ip route add default via 192.168.83.2 dev eth0.2
> > > ip rule add from 192.168.83.0/24
> > First of all, I have had issues when doing routing changes in the pre-start fase,
> > so I made a habbit of doing those changes in the post start fase and that solved
> > a lot of my problems.
> >
>
> So, I "mv pre-start.d post-start.d" and removed (for now) the third line in
> "routing.sh" to avoid the failing "rule". Then the vserver starts but the
> same networking errors remain:
>
> -----
> ERROR: trying to add VLAN #2 to IF -:eth0:- error: Invalid argument
> RTNETLINK answers: File exists
Oke, so the route already exists (verify with netstat -rn, before and
after starting the vserver)
> An error occured after executing the vserver startup sequence. This
> means that some processes may exist in the created context and the
> manual execution of
An easy workaround is:
route add ... 2>/dev/null
ERROR=$?
if [ ! -z $ERROR ]; then
echo "Route modification returned $ERROR, check man route for details"
fi
Now the vserver will continue to start normally and finish without
errors, it will display the echo line if something did go wrong when
modifying the route.
> /usr/sbin/vserver '/etc/vservers/phony' stop
>
> is recommended to fix this.
> -----
>
> Inside the vserver:
> # route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 192.168.83.0 0.0.0.0 255.255.255.0 U 0 0 0 *
> 192.168.79.0 0.0.0.0 255.255.255.0 U 0 0 0 *
> 192.168.107.0 0.0.0.0 255.255.255.0 U 0 0 0 *
> 0.0.0.0 0.0.0.0 0.0.0.0 UG 0 0 0 *
>
> So now, I can't even connect to/from Host1.
Unfortunately, when an error occurs during the start sequence of the vserver,
the interface will _NOT_ be created, even worse - it is created at first - an
existing interface will be removed (the alias and it's IP configuration is
removed upon failure of the script).
>
> > > # vserver phony start
> > > ERROR: trying to add VLAN #2 to IF -:eth0:- error: Invalid argument
> > > RTNETLINK answers: File exists
> > > RTNETLINK answers: File exists
> > > RTNETLINK answers: Invalid argument
> > >
> > > Failed to start vserver 'phony'
> > What version of util-vserver are you using ? I've had vlan issues with
> > 0.30.195
> >
>
> 0.30.207-5
>
> > <SNIP>
> > > > might be interesting to add an /etc/vservers/*/interfaces/*/gateway
> > > > to the config and set up table based routing if compiled into
> > > > the kernel, etc ... (any volunteers?)
> > I sent a script not too long ago to the list that I am currently using.
> >
>
> I think I found it in the archive (with subject "Little Script !").
That is the old one... I modified it for the new configuration and thought
I sent it to the list, but have not yet done so... As soon as I fixed my
nfs issues :( I'll clean them up and will send them to the list.
>
> Thanks.
> Gilles
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver