
Tuesday, March 25, 2014

ARP with OpenVZ

Your OpenVZ VPS may become inaccessible due to an ARP conflict. This problem is not a bug or a server configuration issue; it's caused by the network configuration at your data-centre and the way that OpenVZ networking works.

OpenVZ VPSs don't have their own network interfaces or MAC addresses; instead, OpenVZ uses an internal proxy-ARP based IP forwarding system, which forwards packets via the host machine (the node).

The switch or router your node is connected to keeps an ARP table, which is a list of IP addresses and the MAC addresses they are routed to. This table gets updated whenever an IP is accessed from a system.

When a VPS is initially created, the IP is brought up through the node and the ARP table is updated with the MAC address of the node, which then forwards packets to the VPS.

If you have a VPS suspended or offline for some time, that entry in the ARP table on the switch/router will time out and be removed. When you un-suspend or boot the VPS, the ARP table will not be updated, because the VPS does not have its own MAC address, and the router won't know what to do with that IP.

This description may not be 100% accurate depending on how your datacentre has configured their network, but that's what's happening: while the VPS is offline, the router loses its entry of where it needs to route that IP address.

The only way to get around the problem is to bring up the IP on the node's interface, e.g. as eth0:0 or eth0:1, then ping it, which will update the router's table. Then you can remove it from the node and boot the VPS.

A permanent solution would be to use a virtualization technology such as Xen or KVM, where each VPS has its own unique mac address, or find an alternate provider unless they can help you resolve this. 


(1) You can add the ARP entries for the IPs on the virtual environment as follows (run as root; the backticks take the MAC address from the HWaddr field of the classic ifconfig output for eth0):

# arp -s <IP_ADDRESS> `ifconfig eth0 | grep eth0 | awk '{print $5}'` pub

Make sure you run the command above for every IP on the VPS.

(2) To delete the entry from the ARP cache:

# arp -d <IP_ADDRESS>

If you get the error “SIOCDARP(pub): No such file or directory”, then you should pass the interface as an extra argument to the above command:

# arp -d <IP_ADDRESS> -i <ethernet_interface>
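The publishing step above, wrapped in a small script as an added example (this is not code from the original post): it reads the node's MAC, validates each VPS IP before handing it to arp, publishes one proxy-ARP entry per IP, and lists what the kernel now proxies. The interface name, the sample IPs and the IPS/DRY_RUN variables are assumptions; DRY_RUN=1 (the default) only prints the commands, DRY_RUN=0 executes them and needs root.

```shell
#!/bin/sh
# Added example, not from the original post. Publishes "arp -s <ip> <mac> pub"
# for every VPS IP on the node's interface. IFACE and IPS are placeholders;
# DRY_RUN=1 prints the commands instead of running them (no root needed).
IFACE="${IFACE:-eth0}"
DRY_RUN="${DRY_RUN:-1}"

# First MAC address found in a line of text, e.g. classic ifconfig output
# "eth0  Link encap:Ethernet  HWaddr 00:16:3e:12:34:56" or the newer "ether ..." form.
mac_from_text() {
    printf '%s\n' "$1" | grep -oE '([0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}' | head -n 1
}

# MAC of the node's interface: sysfs is authoritative, ifconfig is the fallback.
node_mac() {
    if [ -r "/sys/class/net/$IFACE/address" ]; then
        cat "/sys/class/net/$IFACE/address"
    else
        mac_from_text "$(ifconfig "$IFACE")"
    fi
}

# Accept only dotted-quad IPv4 with octets 0-255, so a typo never becomes a bogus entry.
is_ipv4() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*) return 1;; esac
        [ "$o" -le 255 ] || return 1
    done
    return 0
}

# Print (dry run) or execute a command.
run() { if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi; }

# One proxy-ARP entry per VPS IP: the node answers ARP for the IP with its own MAC.
publish_all() {
    mac=$1; shift
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "skipping invalid IP: $ip" >&2; continue; }
        run arp -s "$ip" "$mac" pub
    done
}

# IPs the kernel currently proxies on $IFACE (iproute2 `ip` assumed present).
show_published() { run ip -4 neigh show proxy dev "$IFACE"; }

# Usage: IPS="10.0.0.5 10.0.0.6" DRY_RUN=0 sh publish-arp.sh
if [ -n "$IPS" ]; then
    publish_all "$(node_mac)" $IPS
    show_published
fi
```

Run it once with the default dry run to review the exact arp commands, then with DRY_RUN=0 on the node; the final `ip neigh show proxy` line is the check that every VPS IP is actually being answered for.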
