On 19 Mar 2010, at 06:49, Ola Lundqvist wrote:
> However the documentation should also be better described. Suggestions
> on this is highly welcome.
Yes, and the primary question is when proxy_arp should be used. I've scouted 
the net
and came up with the following:

proxy_arp=0
-----------------

http://wiki.openvz.org/Quick_installation
http://wiki.openvz.org/Using_veth_and_brctl_for_protecting_HN_and_saving_IP_addresses

proxy_arp=1
-----------------

http://wiki.openvz.org/Virtual_Ethernet_device
http://ckdake.com/content/2008/vlans-in-openvz.html

> make sure that proxy_arp and forwarding are enabled for bond0.10 in 
> /proc/sys/net/ipv4/conf/bond0.10/

https://gforge.inria.fr/tracker/index.php?func=detail&aid=8459&group_id=411&atid=5117

Ambigous
---------------

http://en.gentoo-wiki.com/wiki/OpenVZ_VLAN

>   echo "1" >  /proc/sys/net/ipv4/conf/$x/proxy_arp

and then later

> I doubt that
> echo "1" >  /proc/sys/net/ipv4/conf/$x/proxy_arp
> is actually needed, at least I've never used it and everything works fine 
> without proxy arp. I even have:
> net.ipv4.conf.default.proxy_arp = 0

http://forum.openvz.org/index.php?t=msg&goto=10089

> The funny thing is it doesnt matter if i set the proxy arp to 0 or 1 in the 
> conf-file, networking within the vz is with both options possible.


Summary:
--------------

The openvz wiki recommends proxy_arp=0 in some cases, and in some proxy_arp=1. 
External sites recommend proxy_arp=1 and then some present varying experiences. 
Some discussions are based on the debian warning message itself, so there is 
some feedback loop involved as well :-).


The cause for the debian proxy_arp=1 setting seems to be bug 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=387762

I have a similar setup; one private and one public address on the host node, 
and then other public addresses for the guests. This works without proxy_arp 
enabled. Worse, enabling proxy_arp produced arpsend warnings and possibly other 
problems.

Maybe something else has changed from 2006 until now such that proxy_arp is not 
needed?

If only openvz.org is trusted, it seems proxy_arp should only be used when 
using veth devices, and not venet devices.

Perhaps you could contact upstream to get a more definite answer.

BR
 Stefan




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to