From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Wed 25 May 2005 - 08:38:41 BST
On Wed, May 25, 2005 at 01:32:12AM +0200, Gilles wrote:
>
> >
> > > > > 3. How to set the source for a default route?
> > > > Using iproute2 you can use:
> > > > ip rule add from ${MYNET}/${SVRPFX} table ${VLAN}
> > > >
>
> Yes, as is explained in
> http://archives.linux-vserver.org/200311/0470.html
>
> [I'll still have to read the docs in order to understand the "rule"s.]
>
> > >
> > > >From the "ip" docs, one of the error (see below: "RTNETLINK answers: Invalid
> > > argument") comes from using the "rule" command, and seems related to a missing
> > > kernel feature (CONFIG_IP_MULTIPLE_TABLES). But I can't find it in ".config";
> > > has it changed name, or is it covered by another config option?
> > >From 2.6.11*:
> > CONFIG_IP_MULTIPLE_TABLES=y
> >
> > Symbol: IP_MULTIPLE_TABLES [=y]
> > ??? Prompt: IP: policy routing
> > ??? Defined at net/ipv4/Kconfig:56
> > ??? Depends on: NET && IP_ADVANCED_ROUTER
> > ??? Location:
> > ??? -> Device Drivers
> > ??? -> Networking support
> > ??? -> Networking support (NET [=y])
> > ??? -> Networking options
> > ??? -> TCP/IP networking (INET [=y])
> > ??? -> IP: advanced router (IP_ADVANCED_ROUTER
> > [=y])
> >
>
> I was missing that one, as Herbert had just told me.
>
> > > > >
> > > > > First I removed the "network" and "gateway" entries in the "interfaces" file.
> > > > > Then I put a "routing.sh" script in "/etc/vservers/phony/scripts/pre-start.d"
> > > > > containing the following lines:
> > > > >
> > > > > ip route add 192.168.83.0/24 dev eth0.2
> > > > > ip route add default via 192.168.83.2 dev eth0.2
> > > > > ip rule add from 192.168.83.0/24
> > > > First of all, I have had issues when doing routing changes in the pre-start fase,
> > > > so I made a habbit of doing those changes in the post start fase and that solved
> > > > a lot of my problems.
> > > >
>
> It seems more coherent to set it in "pre-start" (if possible): probably better not
> to have a running vserver without a sensible routing (?).
>
> Now, with a new kernel (advanced router with multiple tables...):
>
> Inside Vs1:
> # route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 192.168.83.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.2
> 192.168.79.0 0.0.0.0 255.255.255.0 U 0 0 0 *
> 192.168.107.0 0.0.0.0 255.255.255.0 U 0 0 0 *
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0.2
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 *
> 0.0.0.0 0.0.0.0 0.0.0.0 UG 0 0 0 *
>
> Inside Vs2:
> # route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 192.168.83.0 0.0.0.0 255.255.255.0 U 0 0 0 *
> 192.168.79.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.3
> 192.168.107.0 0.0.0.0 255.255.255.0 U 0 0 0 *
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 *
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0.3
> 0.0.0.0 0.0.0.0 0.0.0.0 UG 0 0 0 *
>
> And both have access to the Internet.
>
> [Excerpt of] "/etc/network/interfaces" on Host1:
> -----
> # VLAN (Private)
> auto eth0.2
> iface eth0.2 inet static
> address 192.168.83.1
> netmask 255.255.255.0
> mtu 1496
>
> # VLAN (DMZ)
> auto eth0.3
> iface eth0.3 inet static
> address 192.168.79.1
> netmask 255.255.255.0
> mtu 1496
> -----
>
> And similarly on Host2 (except for the addresses, to be replaced by "192.168.83.2"
> and "192.168.79.2", respectively).
> [The mtu setting seems important (as noted on the VLAN docs) here: All other things
> equal, I had some strange "Temporary name resolution failure" and other ssh hangs,
> which disappeared after lowering the mtu.]
>
>
> The routing is set up in "/etc/vserver/<name>/scripts/pre-start.d/".
> For "eth0.2", I have a file called "priv_routing.sh" with:
> -----
> ip route add 192.168.83.0/24 dev eth0.2 table 102
> ip route add default via 192.168.83.2 dev eth0.2 table 102
> ip rule add from 192.168.83.0/24 table 102
> -----
>
> And for "eth0.3", a file called "dmz_routing":
> -----
> ip route add 192.168.79.0/24 dev eth0.3 table 103
> ip route add default via 192.168.79.2 dev eth0.3 table 103
> ip rule add from 192.168.79.0/24 table 103
> -----
>
>
> Yet... this error remains, at vserver startup:
> ERROR: trying to add VLAN #2 to IF -:eth0:- error: Invalid argument
>
> What about it?
well, we don't know your vserver config yet, but I'd
guess it's just a little wrong (i.e. it states to 'create'
the alias/ip for that interface which already exists)
but without config, that's hard to tell ...
best,
Herbert
>
>
> Best regards,
> Gilles
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver