Strange problem here ... I am using OpenVZ and have 3 containers. My setup worked fine for 3 years and yesterday something happened and I can't seem to find the issue on one container. The other 2 work as expected.

This is my OpenVZ setup:

[root@node1 ~]# vzlist -a
      CTID      NPROC STATUS    IP_ADDR         HOSTNAME
       101        133 running   67.212.65.43    serveur1.***.com
       102        139 running   67.212.65.44    serveur2.***.com
       103        187 running   67.212.65.45    serveur3.***.com

The faulty container is on 67.212.65.43. The other 2 are working fine. My provider told me everything is OK from their end for 67.212.65.43.

[root@node1 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
67.212.65.44    0.0.0.0         255.255.255.255 UH    0      0        0 venet0
67.212.65.45    0.0.0.0         255.255.255.255 UH    0      0        0 venet0
67.212.65.46    0.0.0.0         255.255.255.255 UH    0      0        0 venet0
67.212.65.43    0.0.0.0         255.255.255.255 UH    0      0        0 venet0
67.212.65.40    0.0.0.0         255.255.255.248 U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
0.0.0.0         67.212.65.41    0.0.0.0         UG    0      0        0 eth0

I can enter the faulty container by typing:

vzctl enter 101

This is what I tried so far:

[root@serveur1 /]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms

[root@serveur1 /]# traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
send: Operation not permitted

[root@serveur1 /]# nslookup 8.8.8.8
;; connection timed out; no servers could be reached

I tried doing an iptables -F but that did not solve anything. The current rules are:

[root@serveur1 etc]# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy DROP)
target     prot opt source               destination

Chain ALLOWIN (0 references)
target     prot opt source               destination

Chain ALLOWOUT (0 references)
target     prot opt source               destination

Chain DENYIN (0 references)
target     prot opt source               destination

Chain DENYOUT (0 references)
target     prot opt source               destination

Chain INVALID (0 references)
target     prot opt source               destination

Chain INVDROP (0 references)
target     prot opt source               destination

Chain LOCALINPUT (0 references)
target     prot opt source               destination

Chain LOCALOUTPUT (0 references)
target     prot opt source               destination

Chain LOGDROPIN (0 references)
target     prot opt source               destination

Chain LOGDROPOUT (0 references)
target     prot opt source               destination

Chain cpanel-dovecot-solr (0 references)
target     prot opt source               destination

Chain f2b-sshd (0 references)
target     prot opt source               destination

I started checking my server network config ... But like I said, it worked fine for 3 years ... I am kind of lost and need help finding the issue.

resolv.conf:

# Generated by NetworkManager
nameserver 8.8.8.8
nameserver 8.8.4.4

ifconfig

[root@serveur1 etc]# ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 60  bytes 4200 (4.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 60  bytes 4200 (4.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

venet0: flags=211<UP,BROADCAST,POINTOPOINT,RUNNING,NOARP>  mtu 1500
        inet 127.0.0.1  netmask 255.255.255.255  broadcast 0.0.0.0  destination 127.0.0.1
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 0  (UNSPEC)
        RX packets 45325  bytes 2970128 (2.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 51  bytes 14395 (14.0 KiB)
        TX errors 0  dropped 2 overruns 0  carrier 0  collisions 0

venet0:0: flags=211<UP,BROADCAST,POINTOPOINT,RUNNING,NOARP>  mtu 1500
        inet 67.212.65.43  netmask 255.255.255.255  broadcast 67.212.65.43  destination 67.212.65.43
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 0  (UNSPEC)

Everything seems to be set up right ... Let me know what extra info you need and I will post an edit.

1 Answer

OK, so I found how to solve this. After flushing the rules of the iptables I needed to recreate them like this:

iptables -P INPUT ACCEPT
iptables -F OUTPUT
iptables -F FORWARD

After doing that, the server started responding again. Hope this helps if anybody gets that error in the future.
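
Added example, not part of the original answer: `iptables -F` removes rules but leaves chain policies in place, so a built-in chain with policy DROP and no rules drops every packet, which on OUTPUT surfaces as `sendmsg: Operation not permitted`. The script below reads `iptables -S` output and lists such chains; the sample input is constructed to mirror the listing in the question, and the function names are hypothetical.

```shell
#!/bin/sh
# Find built-in chains left with a DROP policy and no rules, the state
# a bare `iptables -F` leaves behind (flush removes rules, not policies).

# Constructed sample in `iptables -S` format, mirroring the question's listing.
sample_rules() {
cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-N ALLOWIN
-N ALLOWOUT
-N LOCALOUTPUT
-N f2b-sshd
EOF
}

# Reads `iptables -S` output on stdin; prints one line per built-in chain
# whose policy is DROP and which has no rule appended to it.
blackholed_chains() {
    awk '
        $1 == "-P" { policy[$2] = $3; order[++n] = $2 }   # built-in chain policy
        $1 == "-A" { rules[$2]++ }                        # rule appended to a chain
        END {
            for (i = 1; i <= n; i++) {
                c = order[i]
                if (policy[c] == "DROP" && rules[c] == 0)
                    print c
            }
        }'
}

# On a live system (as root): iptables -S | blackholed_chains
sample_rules | blackholed_chains
```

Any chain it prints needs either its rules reloaded or its policy changed before traffic will pass; a chain with policy DROP that still has ACCEPT rules is not reported.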