Problem with redistribute static routes from venet (openvz pseudointerface)
Hello, I would like to import routes (ips exactly, with netmask /32) added by openvz virtualization to main ruting kernel table, when the virtualization system starts. I don't want to be misunderstand, but in quagga it works :), and I would like to test (and switch to) bird. Unfortunetly in bird I can't see the routes(ips) from venet0, see below. My configuration (most important parts, if You think You will need more, please let me now): protocol direct { interface "-eth*", "venet*"; # Restrict network interfaces it works with } protocol kernel { learn; # Learn all alien routes from the kernel persist; # Don't remove routes on bird shutdown scan time 20; # Scan kernel routing table every 20 seconds # import none; # Default is import all import all; export all; # Default is export none # kernel table 5; # Kernel table to synchronize with (default: main) kernel table 254; } protocol static { import all; #route X.Y.10.61/32 via "venet0"; #route X.Y.10.60/32 via "venet0"; #route 192.168.1.51/32 via "venet0"; #route 192.168.1.140/32 via "venet0"; #route X.Y.10.64/32 via "venet0"; #route X.Y.10.65/32 via "venet0"; } Above configuration (with route) doesn't work either, so I commented this out. protocol ospf MyOSPF { tick 2; import all; export all; # export filter { # ospf_metric1 = 1000; # if source = RTS_STATIC then accept; else reject; # }; # rfc1583compat yes; area 0.0.0.0 { #networks { # X.Y.10.65/32; #}; }; As You can see, I tried some configuration, none worked. The main table looks like this: # ip route ls t 254 X.Y.10.61 dev venet0 scope link X.Y.10.60 dev venet0 scope link 192.168.1.51 dev venet0 scope link 192.168.1.140 dev venet0 scope link X.Y.10.64 dev venet0 scope link X.Y.10.65 dev venet0 scope link X.Y.11.0/29 dev eth0 proto kernel scope link src X.Y.11.3 10.1.1.0/24 dev eth1 proto kernel scope link src 10.1.1.0 default via X.Y.11.1 dev eth0 onlink and in birdc: bird> show route 0.0.0.0/0 via X.Y.11.1 on eth0 [kernel1 22:10] * (10) 10.1.1.0/24 dev eth1 [MyOSPF 22:10] * I (150/10) [X.Y.11.3] X.Y.11.0/29 dev eth0 [MyOSPF 22:10] * I (150/10) [X.Y.11.3] # ip a l 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc sfq state UP qlen 1000 link/ether 00:21:85:3c:f5:76 brd ff:ff:ff:ff:ff:ff inet X.Y.11.3/29 brd X.Y.11.7 scope global eth0 inet6 fe80::221:85ff:fe3c:f576/64 scope link valid_lft forever preferred_lft forever 3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000 link/ether 00:21:85:3c:f5:77 brd ff:ff:ff:ff:ff:ff inet 10.1.1.0/24 scope global eth1 5: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet6 fe80::1/128 scope link valid_lft forever preferred_lft forever -- greets from Poland, Łukasz Chrustek
On 20.3.2011 22:33, Łukasz Chrustek wrote:
Hello,
I would like to import routes (ips exactly, with netmask /32) added by openvz virtualization to main ruting kernel table, when the virtualization system starts. I don't want to be misunderstand, but in quagga it works :), and I would like to test (and switch to) bird. Unfortunetly in bird I can't see the routes(ips) from venet0, see below. My configuration (most important parts, if You think You will need more, please let me now):
Hi! Can you send us: show interfaces show protocols all direct1 show route protocol direct1 ? Ondrej
protocol direct { interface "-eth*", "venet*"; # Restrict network interfaces it works with } protocol kernel { learn; # Learn all alien routes from the kernel persist; # Don't remove routes on bird shutdown scan time 20; # Scan kernel routing table every 20 seconds # import none; # Default is import all import all; export all; # Default is export none # kernel table 5; # Kernel table to synchronize with (default: main) kernel table 254; } protocol static { import all; #route X.Y.10.61/32 via "venet0"; #route X.Y.10.60/32 via "venet0"; #route 192.168.1.51/32 via "venet0"; #route 192.168.1.140/32 via "venet0"; #route X.Y.10.64/32 via "venet0"; #route X.Y.10.65/32 via "venet0"; }
Above configuration (with route) doesn't work either, so I commented this out.
protocol ospf MyOSPF { tick 2; import all; export all; # export filter { # ospf_metric1 = 1000; # if source = RTS_STATIC then accept; else reject; # };
# rfc1583compat yes; area 0.0.0.0 { #networks { # X.Y.10.65/32; #}; };
As You can see, I tried some configuration, none worked. The main table looks like this:
# ip route ls t 254 X.Y.10.61 dev venet0 scope link X.Y.10.60 dev venet0 scope link 192.168.1.51 dev venet0 scope link 192.168.1.140 dev venet0 scope link X.Y.10.64 dev venet0 scope link X.Y.10.65 dev venet0 scope link X.Y.11.0/29 dev eth0 proto kernel scope link src X.Y.11.3 10.1.1.0/24 dev eth1 proto kernel scope link src 10.1.1.0 default via X.Y.11.1 dev eth0 onlink
and in birdc:
bird> show route 0.0.0.0/0 via X.Y.11.1 on eth0 [kernel1 22:10] * (10) 10.1.1.0/24 dev eth1 [MyOSPF 22:10] * I (150/10) [X.Y.11.3] X.Y.11.0/29 dev eth0 [MyOSPF 22:10] * I (150/10) [X.Y.11.3]
# ip a l
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc sfq state UP qlen 1000 link/ether 00:21:85:3c:f5:76 brd ff:ff:ff:ff:ff:ff inet X.Y.11.3/29 brd X.Y.11.7 scope global eth0 inet6 fe80::221:85ff:fe3c:f576/64 scope link valid_lft forever preferred_lft forever 3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000 link/ether 00:21:85:3c:f5:77 brd ff:ff:ff:ff:ff:ff inet 10.1.1.0/24 scope global eth1 5: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet6 fe80::1/128 scope link valid_lft forever preferred_lft forever
On Sun, Mar 20, 2011 at 10:33:12PM +0100, Łukasz Chrustek wrote:
Hello,
I would like to import routes (ips exactly, with netmask /32) added by openvz virtualization to main ruting kernel table, when the virtualization system starts. I don't want to be misunderstand, but in quagga it works :), and I would like to test (and switch to) bird. Unfortunetly in bird I can't see the routes(ips) from venet0, see below. My configuration (most important parts, if You think You will need more, please let me now):
Handling device routes in BIRD is a bit tricky - there are two sides of the problem - import to the BIRD table and export to the kernel table. (so first is to see the routes in 'show route'). So i understand it correctly that you want to import the routes from one kernel table and export them to another? (as i see that they already are in 'ip route ls t 254').
protocol direct { interface "-eth*", "venet*"; # Restrict network interfaces it works with }
Direct would not generate these routes, because they are not addresses assigned to the iface (in output 'ip a l')
protocol kernel { learn; # Learn all alien routes from the kernel persist; # Don't remove routes on bird shutdown scan time 20; # Scan kernel routing table every 20 seconds # import none; # Default is import all import all; export all; # Default is export none # kernel table 5; # Kernel table to synchronize with (default: main) kernel table 254; }
Kernel protocol with learn may generate these routes, but there is an exception for device routes in sysdep/linux/netlink/netlink.c:848 : /* * In Linux IPv6, 'native' device routes have proto * RTPROT_BOOT and not RTPROT_KERNEL (which they have in * IPv4 and which is expected). We cannot distinguish * 'native' and user defined device routes, so we ignore all * such device routes and for consistency, we have the same * behavior in IPv4. Anyway, users should use RTPROT_STATIC * for their 'alien' routes. */ if (i->rtm_protocol == RTPROT_BOOT) src = KRT_SRC_KERNEL; If you remove these two lines and recompile BIRD, you could probably be able to import device routes.
protocol static { import all; #route X.Y.10.61/32 via "venet0"; #route X.Y.10.60/32 via "venet0"; #route 192.168.1.51/32 via "venet0"; #route 192.168.1.140/32 via "venet0"; #route X.Y.10.64/32 via "venet0"; #route X.Y.10.65/32 via "venet0"; }
This should work (if they are uncommented). Second thing is to export the routes to the kernel table. If the routes are from something different than static, you should use 'device routes' option of kernel protocol to really allow export of device routes. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
participants (3)
-
Ondrej Filip -
Ondrej Zajicek -
Łukasz Chrustek