Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <85e0c720912120419k15d3f476g89cabc6be37f4fe5@mail.gmail.com>
Date: Sat, 12 Dec 2009 19:19:10 +0700
From: Ihsan Sabri <ishobr@...il.com>
To: owl-users@...ts.openwall.com
Subject: Re: Network unreachable from inside Owl CT

Thank you GM,

The problem solved after running  '/sbin/route add default venet0' inside
the Container:

Sample output:

sub!root:~# ping 195.42.179.202
connect: Network is unreachable
sub!root:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
219.83.122.125  0.0.0.0         255.255.255.255 UH    0      0        0
venet0
127.0.0.1       0.0.0.0         255.255.255.255 UH    0      0        0
venet0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
sub!root:~# /sbin/route add default venet0
sub!root:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
219.83.122.125  0.0.0.0         255.255.255.255 UH    0      0        0
venet0
127.0.0.1       0.0.0.0         255.255.255.255 UH    0      0        0
venet0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0
venet0
sub!root:~# ping 195.42.179.202
PING 195.42.179.202 (195.42.179.202) 56(84) bytes of data.
64 bytes from 195.42.179.202: icmp_seq=1 ttl=41 time=325 ms


FYI, there is /etc/vz/dists/owl.conf (owned by centos package
vzctl-3.0.23-1) on HN contains:

ADD_IP=redhat-7.x_add_ip.sh
DEL_IP=redhat-del_ip.sh
SET_HOSTNAME=redhat-set_hostname.sh
SET_DNS=set_dns.sh
SET_USERPASS=set_userpass.sh
SET_UGID_QUOTA=set_ugid_quota.sh
POST_CREATE=postcreate.sh

The question now is why Container using OpenVZ official pre-created
templates didn't need this manual routing table manipulation?

Ihsan

On Sat, Dec 12, 2009 at 5:20 PM, (GalaxyMaster) <galaxy@...nwall.com> wrote:

> Ihsan,
>
> It would greatly helped if you provided the list with the output of
> 'route -n' (or 'ip route') from within the container.
>
> However, I suspect that your OpenVZ configuration that came from
> CentOS packages (?) doesn't have proper container scripts for
> Owl.  There are several options on how to resolve it.  The
> most straightforward solution will be to add the missing
> default route (this is a speculation since we didn't see your route
> table) by adding something like '/sbin/route add default venet0'
> to your /etc/rc.d/rc.local inside the Owl container.
>
> Hope this helps.
[...]
> --
> (GM)

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.