[PVE-User] ip source address issue.
Dietmar Maurer
dietmar at proxmox.com
Thu Aug 26 07:59:04 CEST 2010
Please can you post your network configuration /etc/network/interfaces
After restarting a HN3 It doesn't connect to my sql-server anymore (sql-server is an OVZ container that lives on HN3, connections from HN1 or HN2 to sql-server work fine). The reason seems to be network related.
HN3: 77.2.179.77/24<http://77.2.179.77/24>
sql-server: 77.2.179.120/24<http://77.2.179.120/24> (remember, it lives on HN3)
lets do a ping, from HN3 to sql-server container
HN3:~# ping 77.2.179.120
PING 77.2.179.120 (77.2.179.120) 56(84) bytes of data.
64 bytes from 77.2.179.120<http://77.2.179.120>: icmp_seq=1 ttl=64 time=0.043 ms
Seems to work fine, but when we use tcpdump to examine that ping, we get this:
HN3:~# tcpdump ip proto 1 -i venet0
16:07:15.175602 IP 10.0.10.3 > 77.2.179.120<http://77.2.179.120>: ICMP echo request, id 33323, seq 28, length 64
16:07:15.175623 IP 77.2.179.120 > 10.0.10.3<http://10.0.10.3>: ICMP echo reply, id 33323, seq 28, length 64
Why HN3 use 10.0.10.3 src ip address instead of 77.2.179.77 ? At least it's what 'ip ro' say:
HN3:~# ip ro
10.0.0.20 dev venet0 scope link
77.2.179.122 dev venet0 scope link
77.2.179.120 dev venet0 scope link
77.2.179.126 dev venet0 scope link
77.2.179.125 dev venet0 scope link
10.0.0.0/24<http://10.0.0.0/24> dev vmbr1 proto kernel scope link src 10.0.0.3
77.2.179.0/24<http://77.2.179.0/24> dev vmbr0 proto kernel scope link src 77.2.179.77
10.10.0.0/24<http://10.10.0.0/24> dev eth3 proto kernel scope link src 10.10.0.3
10.0.10.0/24<http://10.0.10.0/24> dev eth2 proto kernel scope link src 10.0.10.3
default via 77.2.179.7 dev vmbr0
packets to 77.2.179.0/24<http://77.2.179.0/24> must use 77.2.179.77 as src address.
What is that I'm missing? Maybe "venet" doesn't look 'ip ro' table? How could I force a correct src address for the ip packets to my sql-server?
Note:
packet src addr from others HN are correct:
16:25:53.535392 IP 77.2.179.75 > 77.2.179.120<http://77.2.179.120>: ICMP echo request, id 6748, seq 4, length 64
16:25:53.535423 IP 77.2.179.120 > 77.2.179.75<http://77.2.179.75>: ICMP echo reply, id 6748, seq 4, length 64
br Marc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.proxmox.com/pipermail/pve-user/attachments/20100826/394097ae/attachment.htm>
More information about the pve-user
mailing list