Setting up a dedicated server on Online.net

Online.net provides failover IPs in a different subnet from the primary ip.
Note the following:

# grep ^[^#] /etc/vz/vz.conf
VIRTUOZZO=yes
LOCKDIR=/var/lib/vz/lock
DUMPDIR=/var/lib/vz/dump
VE0CPUUNITS=1000
LOGGING=yes
LOGFILE=/var/log/vzctl.log
LOG_LEVEL=0
VERBOSE=0
DISK_QUOTA=yes
VZFASTBOOT=no
NEIGHBOUR_DEVS=all
ERROR_ON_ARPFAIL="no"
TEMPLATE=/var/lib/vz/template
VE_ROOT=/var/lib/vz/root/$VEID
VE_PRIVATE=/var/lib/vz/private/$VEID
VZWDOG="no"
IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length"
IPTABLES_MODULES="$IPTABLES"
IPV6="yes"
IP6TABLES="ip6_tables ip6table_filter ip6table_mangle ip6t_REJECT"
[email protected]:~# grep ^[^##] /etc/vz/vz.conf
VIRTUOZZO=yes
LOCKDIR=/var/lib/vz/lock
DUMPDIR=/var/lib/vz/dump
VE0CPUUNITS=1000
LOGGING=yes
LOGFILE=/var/log/vzctl.log
LOG_LEVEL=0
VERBOSE=0
DISK_QUOTA=yes
VZFASTBOOT=no
NEIGHBOUR_DEVS=all
ERROR_ON_ARPFAIL="no"
TEMPLATE=/var/lib/vz/template
VE_ROOT=/var/lib/vz/root/$VEID
VE_PRIVATE=/var/lib/vz/private/$VEID
VZWDOG="no"
IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length"
IPTABLES_MODULES="$IPTABLES"
IPV6="yes"
IP6TABLES="ip6_tables ip6table_filter ip6table_mangle ip6t_REJECT"

The change needed is to change the default:

NEIGHBOUR_DEVS=detect

to:

NEIGHBOUR_DEVS=all

From the man page:

man vz.conf

NEIGHBOUR_DEVS=”detect”
Controls on which interfaces to add/remove ARP records for a container IP, also which interfaces to use to query/announce ARP. If this is set to
detect, the right network interface (the one which is in the same subnet as a CT IP) will be chosen automatically. Any other value restores old (as
of vzctl 3.0.19 or older) behavior, when all the possible interfaces were used.

The network configuration need not be changed, and defaults to:

cat /etc/network/interfaces
auto lo
iface lo inet loopback
# The primary network interface
auto vmbr0
iface vmbr0 inet static
        address MYMAINIP
        netmask 255.255.255.0
        network 62.210.137.0
        broadcast 62.210.137.255
        gateway 62.210.137.1
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0

You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.