Previous page

Next page

Locate page in Contents

Print this page

Configuring Network Classes

Virtuozzo allows you to track the inbound and outbound network traffic as well as to shape the outgoing traffic for a virtual machine or Container. To provide the ability to distinguish between domestic and international traffic, a concept of network classes is introduced. It is important to fully understand this notion, because network classes IDs are used in the values of some network traffic parameters. A network class is a range of IP addresses for which Virtuozzo counts and shapes the traffic.

Classes are specified in the /etc/vz/conf/networks_classes file. The file is in the ASCII format, and all empty lines and lines starting with the # sign are ignored. Other lines have the following format:

<class_id> <IP_address>/<prefix_length>

where <class_id> defines the network class ID, and the <IP_address>/<prefix_length> pair defines the range of IP addresses for this class. There may be several lines for each class.

Classes 0 and 1 have special meanings:

  • Class 0 defines the IP address range for which no accounting is performed. Usually, it corresponds to the Hardware Node subnet (the Hardware Node itself and its virtual machines and Containers). Setting up class 0 is not required; however, its correct setup improves performance.
  • Class 1 is defined by Virtuozzo to match any IP address. It must be always present in the network classes definition file. Therefore, it is suggested not to change the default line in the networks_classes file.

    1 0.0.0.0/0

    If your virtual machines and Containers are using IPv6 addresses, you can also add the following line to this file:

    1 ::/0

Other classes should be defined after class 1. They represent exceptions from the "matching-everything" rule of class 1. The example below illustrates a possible configuration of the network classes definition file containing rules for both IPv4 and IPv6 addresses:

# Hardware Node networks
0 192.168.0.0/16

0 fe80::/64

# any IP address (all traffic)
1 0.0.0.0/0

1 ::/0

# class 2 – addresses for the "foreign" traffic
2 10.0.0.0/8
2 2001:db88::/64

# inside "foreign" network there
# is a hole belonging to "local" traffic
1 10.10.16.0/24

1 2001:db88:3333::/64

In this example, IPv4 addresses in the range of 192.168.0.0 to 192.168.255.255 and IPv6 addresses in the range of fe80:: to fe80::ffff:ffff:ffff:ffff are treated as class 0 addresses and no accounting is done for the traffic from virtual machines and Containers destined to these addresses.

Class 2 matches the following IP addresses:

  • IPv4 addresses from 10.0.0.0 to 10.255.255.255 with the exception of addresses in the sub-range of 10.10.16.0 to 10.10.16.255, which are treated as class 1.
  • IPv6 addresses from 2001:db88:: to 2001:db88::ffff:ffff:ffff:ffff with the exception of addresses in the sub-range of 2001:db88:3333:: to 2001:db88:3333::ffff:ffff:ffff:ffff, which are also treated as class 1.

All other IP addresses (both IPv4 and IPv6) belong to class 1.

Note: After editing the /etc/vz/conf/networks_classes file, execute either the /etc/init.d/vz accrestart or service vz accrestart command for the changes made to the file to take effect.
Top of page