Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
Z
Z
zorruch2015-03-31 16:59:52
VPN
zorruch, 2015-03-31 16:59:52

Packet loss on bridge?

There is a certain server on ubunt, on which several virtual machines are cut using lxc.
The network setup in containers is done like this:

# Network configuration
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
lxc.network.hwaddr = xx:xx:xx:xx:xx:xx
lxc.network.ipv4.gateway = 1.1.1.1
lxc.network.ipv4 = 7.7.7.7/28

interface name br0 is a bridge on the host machine, to which all virtual machines cling.
The bridge itself is described on the host like this:
brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.001e67995d81       no              eth0
                                                        veth4XIW94
                                                        veth6Q9BSJ

Created in /etc/network/interfaces with tricky lines:
# device: eth0
auto  eth0


# device: br0
auto  br0
        iface br0 inet static
        address   1.1.1.1
        broadcast 1.1.1.255
        netmask   255.255.255.0
        gateway   1.2.1.1
#       default route to access subnet
        up  ip route add 7.7.7.7/28 dev br0;
        bridge_ports eth0
        bridge_fd 0
        bridge_maxwait 0

The bridge itself works, packets go through it and are not lost. There are no losses, even pinging the ip address on which br0 hangs (1.1.1.1 in the example)
However, if you do a trace (mtr command), you can see losses on the first hop of the order of 80%. The first hop is the hypervisor (interface br0)
What could be the problem? Where to start digging?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
T
throughtheether, 2015-04-01
@throughtheether

However, if you do a trace (mtr command), you can see losses on the first hop of about 80%.
If at the same time there are no “losses” on the last hop, if the working traffic is processed normally (without packet loss), then I don’t think this is a problem at all, rather a cosmetic nuance.
Where to start digging?
I am not an expert on the Linux networking subsystem, but I will assume that there is a restriction of ICMP traffic generated by the host. Check kernel options:
/proc/sys/net/ipv4/icmp_ratelimit
/proc/sys/net/ipv4/icmp_ratemask
/proc/sys/net/ipv4/icmp_msgs_per_sec
/proc/sys/net/ipv4/icmp_msgs_burst

Similar questions
S
S10LI2020-05-08 10:16:43
How to set up a bridge in SoftEther VPN? 0Reply
Z
ZoriN892020-05-09 18:47:35
Why is one client not connecting to OpenVpN? 1Reply
A
Artem Klimenko2015-11-13 21:55:11
Is there a VPN service with a desktop client and multiple exit points? 2Reply
W
WTFSU2018-03-23 15:21:48
How to block P2P traffic with Suricata (OpenVPN)? 2Reply
J
Jankos2020-05-14 00:49:22
VPN won't connect using shadeyouvpn? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question