lxc and ovh failover ip
- Thread starter jarek04
- Start date
There is currently work going on to fix this issue, some problems with the specialty of OVH networks, you'd have to set the routing manually but as this had to be done at every reboot, it is maybe better to wait for the bugfix.
A good idea is to tri-state the UI. Now we have "valid" and "invalid". A "warning" state should be added, like yellow. That setting will allow you to press "OK" or "Save". This way we can still see wrong typing in IP addresses/netmasks but special config guys will be able to move on.
The special routes for OVH I think can be added by the startup scripts.
The special routes for OVH I think can be added by the startup scripts.
The next issue you'll see is that with OVH the gateway is inside a different subnet. Our rationale was that usually if you start handing out IP addresses to containers you have more than one address, and that usually means you have a block, which means it won't be a /32 subnet, which means you in theory also have a broadcast address, so using /32 didn't make sense to us.
However, OVH's intention on dedicated servers seems to be to not use a broadcast address (since it's a single host, unless you use the vRack which is a different story). And in addition to that their gateways are usually outside your subnet. This is an issue because most network configuration tools cannot deal with this and require manual intervention, which is why their documentation tells you to create `post-up` and `pre-down` entries in the /etc/network/interfaces file. (And we're not sure it's our job to deal with this routing situation - personally I find that's the network management layer's job, ie ifup/ifdown, systemd-networkd or whatever it is you're using - ie. if the gateway isn't reachable it makes sense to add a route to it on the interface the gateway line is specified on... but this problem keeps popping up...)
We'll soon add an OVH entry to our wiki explaining the necessary steps in detail.
In short: use 'static' addresses and leave all the fields blank, that way PVE will not touch the container's /etc/network/interfaces file and you can configure it manually.
However, OVH's intention on dedicated servers seems to be to not use a broadcast address (since it's a single host, unless you use the vRack which is a different story). And in addition to that their gateways are usually outside your subnet. This is an issue because most network configuration tools cannot deal with this and require manual intervention, which is why their documentation tells you to create `post-up` and `pre-down` entries in the /etc/network/interfaces file. (And we're not sure it's our job to deal with this routing situation - personally I find that's the network management layer's job, ie ifup/ifdown, systemd-networkd or whatever it is you're using - ie. if the gateway isn't reachable it makes sense to add a route to it on the interface the gateway line is specified on... but this problem keeps popping up...)
We'll soon add an OVH entry to our wiki explaining the necessary steps in detail.
In short: use 'static' addresses and leave all the fields blank, that way PVE will not touch the container's /etc/network/interfaces file and you can configure it manually.
Ich habe das selbe Problem und würde mich sehr freuen, wenn es bei euch schnellstmöglich in der Wiki eine Anleitung dazu gebe, wie das mit den Failover IPv4 Adressen von OVH und den LXC funktionieren soll.
Hierfür wäre ich Ihnen sehr dankbar, weil ich es nicht zum Laufen bekomme mit der Verbindung...
Den Beitrag habe ich jetzt mal absichtlich auf Deutsch geschrieben, weil es an Sie geht, Herr Wolfgang
Dazu kurz ein Feedback: Ich feier echt eure Arbeit an Proxmox und Ihr Team leistet eine super Arbeit!!
Freundliche Grüße,
Adam M.
Hierfür wäre ich Ihnen sehr dankbar, weil ich es nicht zum Laufen bekomme mit der Verbindung...
Den Beitrag habe ich jetzt mal absichtlich auf Deutsch geschrieben, weil es an Sie geht, Herr Wolfgang
Dazu kurz ein Feedback: Ich feier echt eure Arbeit an Proxmox und Ihr Team leistet eine super Arbeit!!
Freundliche Grüße,
Adam M.
Howto: Configure network devices in LXC containers using OVH failover IPs
First, you need to obtain a MAC address for the IP you wish to assign to your VM from OVH via their management interface. With a randomly generated MAC, the OVH router would not talk to your bridged VM.
In the network tab of the relevant LXC container in the Proxmox GUI:
Now you need to configure your network interface from within the running VM. Let's assume the primary IP of your OVH server is 1.2.3.4, you have a failover IP 42.42.42.42 and your container is Debian-based:
First, you need to obtain a MAC address for the IP you wish to assign to your VM from OVH via their management interface. With a randomly generated MAC, the OVH router would not talk to your bridged VM.
In the network tab of the relevant LXC container in the Proxmox GUI:
- Add a new network device via the "add" button
- Select an unused ID, e.g. net0
- Enter a name for the new NIC: e.g. eth0
- Enter the MAC address you obtained from OVH
- Select the bridge that has your server's main IP assigned to it, e.g. vmbr0
- Leave everything else untouched and start the VM
Now you need to configure your network interface from within the running VM. Let's assume the primary IP of your OVH server is 1.2.3.4, you have a failover IP 42.42.42.42 and your container is Debian-based:
- Edit /etc/network/interfaces inside the VM and add the following config
Code:auto eth0 iface eth0 inet static address 42.42.42.42 netmask 255.255.255.255 broadcast 42.42.42.42 # add the OVH gateway which is the primary IP of your server, but with the last octet set to 254 post-up route add 1.2.3.254 dev eth0 post-up route add default gw 1.2.3.254 pre-down route del 1.2.3.254 dev eth0 pre-down route del default gw 1.2.3.254 - If you also want to add an IPv6 address, your IPv6 block is 2001:41D0:1:ABCD::/64 and you want to assign 2001:41D0:1:ABCD::100 to your VM, you also need to add this:
Code:iface eth0 inet6 static address 2001:41D0:1:ABCD::100 netmask 64 # the OVH gateway is always at the 8th byte of your netblock (CD in this example) replaced by FF followed by 4 FF blocks gateway 2001:41D0:1:ABFF:FF:FF:FF:FF - Apply the settings using ifup eth0 or reboot the VM.
The reason for the wiki entry to not be up yet is that we decided to take the easier route and generate the route entries accordingly when the gateway is outside the subnet. Iow. with the next package updates you should be able to just configure the network in the GUI as usual.
If anybody comes across this thread having issues with adding additional IPs to an LXC container (CentOS), what I found to be the only solution was to set the MAC address on the additional IP in the OVH manager, to the SAME mac address as the main IP assigned to the container, without doing this I had all kinds of problems getting an additional failover IP to ping from internet -> container