On 19 Mar 2010, at 06:49, Ola Lundqvist wrote: > However the documentation should also be better described. Suggestions > on this is highly welcome.
Yes, and the primary question is when proxy_arp should be used. I've scouted the net and came up with the following: proxy_arp=0 ----------------- http://wiki.openvz.org/Quick_installation http://wiki.openvz.org/Using_veth_and_brctl_for_protecting_HN_and_saving_IP_addresses proxy_arp=1 ----------------- http://wiki.openvz.org/Virtual_Ethernet_device http://ckdake.com/content/2008/vlans-in-openvz.html > make sure that proxy_arp and forwarding are enabled for bond0.10 in > /proc/sys/net/ipv4/conf/bond0.10/ https://gforge.inria.fr/tracker/index.php?func=detail&aid=8459&group_id=411&atid=5117 Ambigous --------------- http://en.gentoo-wiki.com/wiki/OpenVZ_VLAN > echo "1" > /proc/sys/net/ipv4/conf/$x/proxy_arp and then later > I doubt that > echo "1" > /proc/sys/net/ipv4/conf/$x/proxy_arp > is actually needed, at least I've never used it and everything works fine > without proxy arp. I even have: > net.ipv4.conf.default.proxy_arp = 0 http://forum.openvz.org/index.php?t=msg&goto=10089 > The funny thing is it doesnt matter if i set the proxy arp to 0 or 1 in the > conf-file, networking within the vz is with both options possible. Summary: -------------- The openvz wiki recommends proxy_arp=0 in some cases, and in some proxy_arp=1. External sites recommend proxy_arp=1 and then some present varying experiences. Some discussions are based on the debian warning message itself, so there is some feedback loop involved as well :-). The cause for the debian proxy_arp=1 setting seems to be bug http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=387762 I have a similar setup; one private and one public address on the host node, and then other public addresses for the guests. This works without proxy_arp enabled. Worse, enabling proxy_arp produced arpsend warnings and possibly other problems. Maybe something else has changed from 2006 until now such that proxy_arp is not needed? If only openvz.org is trusted, it seems proxy_arp should only be used when using veth devices, and not venet devices. Perhaps you could contact upstream to get a more definite answer. BR Stefan -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org