When trying to initiate docker swarm, I get the following error response from daemon:
could not choose an IP address to advertise since this system has multiple addresses on interface eth0 (aa11:a111:1a1a::111 and ba11:a111:1a1a::111).
When I execute:
sudo ip addr flush dev eth0
I successfully remove all ip addresses, however, they are recreated once I reboot. What might be the reason for this?
Related
A bridge brOnline is connected to eth0 which provides access to the LAN / Internet. The setup is archived within modifying /etc/network/interfaces like below.
Why? The aim of this adventure is establish a virtual network between several virtual machines and the system hosting the virtual bridge an the virtual machines (host).
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto MyBridge
iface MyBridge inet dhcp
bridge_port eth0
bridge_stp on
bridge_fd 0.0
How can I connect to the bridge from my host?
One important thing: Adding eth0 to the bridge makes it somehow unavailable to the host!
So before adding the interface eth0 to the bridge, which magic was connected to eth0 which enabled my browser the access to the local network? Can or how can I connect this magic to the bridge to have access to the LAN and can talk to the other clients connected to the bridge?
The attempts have been wrong. For the host it is not necessary to connect over an tap-device to the bridge, it has the abilety to connect directly to the bridge. In Other words if you set your default route to bridge connecting to the gateway, than you can connect to the LAN-Interface too.
# see actual settings
# The displayed via is the default gw which may be provided by your dhcp
ip route
default via 42.69.42.69 dev eth0
...
# delete the default route, otherwise error: "file exists" will show up
sudo ip route del default via 42.69.42.69 dev eth0
# Add your bridge as default route
sudo ip route add default via 42.69.42.69 dev brOnline
# check
ip route
default via 10.13.0.10 dev brOnline
ping/ssh to the outside are possible, also firefox is working with those settings.
Hint:
Those changes are not permanent. To do so, you need to edit /etc/network/interfaces.
I'm still not able to ping to the other VM's and vice versa, but this might be an other topic.
I'm trying to use network namespaces to achieve VRF behavior (virtual routing and forwarding) for network isolation. Essentially I have a server application (C/C++) running on a TCP port in the default namespace. What I'd like to do is use network namespaces to create isolated VRF's using VLANs, and then have that application running in the default namespace be able to spawn a thread to each namespace to listen on that same port per namespace.
I have the network side figured out, I just can't see how I can spawn a thread (prefer to use pthread's instead of clone() if possible), call setns() on one of those namespaces, and then bind to the same port inside the namespace. Here's what I'm doing to create the namespaces and bridges (limiting to one namespace here for simplicity):
# ip netns add ns_vlan100
# ip link add link eno1 eno1.100 type vlan id 100
# ip link add veth0 type veth peer name veth_vlan100
# ip link set veth0 netns ns_vlan100
# ip netns exec ns_vlan100 ip link set dev veth0 up
# ip link set dev veth_vlan100 up
# brctl addbr bridge_vlan100
# brctl addif bridge_vlan100 eno1.100
# brctl addif bridge_vlan100 veth_vlan100
# ip link set dev bridge_vlan100 up
# ip link set dev eno1.100 up
# ip netns exec ns_vlan100 ifconfig veth0 10.10.10.1 netmask 255.255.255.0 up
# ip netns exec ns_vlan100 ip route add default via 10.10.10.1
With this, I can create a VLAN on a peer machine (no containers) and ping 10.10.10.1 without issue. So I know the links are good. What I want to do is then have my existing application be able to spawn a thread in C or C++ (pthreads are heavily preferred), and that thread call setns() with something to put it into namespace ns_vlan100, so I can then bind to the same port for my application, just inside that namespace.
I can't seem to figure out how to do this. Any help is much appreciated.
I want to crawl webpages through browser and store network traffic per URL (not only HTTP but also udp, rtmp etc.) I came across this solution to use linux network namespace for per process routing. Following are the steps I followed, however unable to browse the webpage.
ip netns add test
create a pair of virtual network interfaces (veth-a and veth-b):
ip link add veth-a type veth peer name veth-b
change the active namespace of the veth-a interface:
ip link set veth-a netns test
configure the IP addresses of the virtual interfaces:
ip netns exec test ifconfig veth-a up 192.168.163.1 netmask 255.255.255.0
ifconfig veth-b up 192.168.163.254 netmask 255.255.255.0
configure the routing in the test namespace:
ip netns exec test route add default gw 192.168.163.254 dev veth-a
sudo bash -c ‘echo 1 > /proc/sys/net/ipv4/ip_forward’
sudo iptables -t nat -A POSTROUTING -s 192.168.163.0/24 -o wlan0 -j MASQUERADE
Open Browser in the namepace and get following:
sudo ip netns exec test /usr/bin/firefox http://google.com
(firefox:15861): GConf-WARNING **: Client failed to connect to the D-BUS daemon:
Failed to connect to socket /tmp/dbus-xE8M4KnMPn: Connection refused
(firefox:15861): LIBDBUSMENU-GLIB-WARNING **: Unable to get session bus: Could not connect: Connection refused
In wireshark: sudo ip netns exec test wireshark
I can see Only Outgoing DNS requests from 192.168.163 to 127.0.1.1.
Kindly let me know what I am missing here?
Instead of modifying the host /etc/resolv.conf a cleaner way would be to create a network namespace specific resolv.conf in the following path /etc/netns/ . The "ip netns" utility will bind-mound any resolv.conf on this path to a /etc/resolv.conf in a mount namespace for the process launched with the new network namespace.
Got it. I am able to ping 8.8.8.8. The problem was in DNS resolving.
Update DNS resolver.
put nameserver 8.8.8.8 in /etc/resolvconf/resolv.conf.d/base and in /etc/resolvconf/resolv.conf.d/head.
Restart Network.
sudo service network-manager restart
Now /etc/resolv.conf looks like.
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 8.8.8.8
nameserver 127.0.1.1
Finally.
sudo ip netns exec test /opt/google/chrome/google-chrome --user-data-dir=/tmp/chrome2/ http://yahoo.com
I have an application where it sends some multicast request to the multicast group ,
If I test my Client and Server application on two separate PC which are in same subnet it works fine .
Since I can not run always on two PCs during testing of my application, I thought of using the virtualbox to run the another OS to run my server application .
My Host is ubuntu , I installed the vitrtualbox to run the another guest os linux , and since my traffic only has to be with in the HOST and Guest , I have selected a "host only network type" .
My guest OS get the IP address but when I run my server application, It fails to join to the multicast group says
"No Such Device" .
Can someone help me to set up a network between the Guest and HOST OS ..
My main goal is to send a multicast request and it should reach the guest OS.
In VM:
ls /sys/class/net - get net devices. (lo, eth0, eth1...). You should have one lo and two eth devices.
sudo nano /etc/network/interfaces. At eth0 there is a NAT connection. Lo is a localhost. We should set the Host-Only connection. Add the following:
# The host-only network interface
auto eth1
iface eth1 inet static
address 192.168.56.101
netmask 255.255.255.0
network 192.168.56.0
broadcast 192.168.56.255
(Address is taken from ipconfig/ifconfig output in host system. Instead eth1 you can have another connection name, taken from the step 4.b.i)
For checking the edited file, run:
sudo service network-manager restart
Check if you have all three connections running. Check Host-Only addresses.
ifconfig
Reboot
sudo reboot
I am creating GRE Tunnel between two Linux (CentOS6) servers using below steps.
On the master server:
chkconfig iptables off
service iptables stop
sysctl -w net.ipv4.conf.default.rp_filter=0
modprobe ip_gre
ip tunnel add tun1 mode gre remote 98.123.87.97 local 106.61.58.98 ttl 255
ip addr add 10.0.1.0/24 dev tun1
ip link set dev tun1 up
ip addr add 98.123.87.95/27 dev eth0
On the slave server:
chkconfig iptables off
service iptables stop
sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv4.conf.all.forwarding=1
sysctl -w net.ipv4.conf.proxy_arp=1
sysctl -w net.ipv4.conf.all.proxy_arp=1
sysctl -w net.ipv4.conf.eth0.rp_filter=0
sysctl -w net.ipv4.conf.default.rp_filter=0
modprobe ip_gre
ip tunnel add tunx mode gre remote 106.61.58.98 local 98.123.87.97 ttl 255
ip addr add 10.0.2.0/24 dev tun0
ip link set tunx up
ip route add 98.123.87.95/27 dev tun0
I need to add slave server's IP into the on my master server, I am getting the ping response form tunnelled IPs (Slave Server's IP) and when I am trying to SSH the tunnelled IP (Slave IP) I am reaching to Masters(this is what I want).
Problem is when I am trying to send outgoing traffic like DNS query by Tunnelled IP(Slave IP) I am getting time out request.
I guess this is routing issue of one of my server. Any idea what should i do to get through my outgoing traffic by tunnelled IPs?
Thanks,
Are you really adding 10.0.1.0/24 address? This is a network address, looks like mistake.
Also, you shuold add default route(or route to dns servers or whatever you want) on client machine through your tunnel with gateway=another_end_of_tunnel.
Don't forget to add static route to your machine if you don't want to loose connection, before adding default route!