Search Engine: Elastic

Article ID: 132116, created on Jan 23, 2018, last review on Jan 23, 2018

  • Applies to:
  • Operations Automation 7.2


Two Virtual Environments belong to different customers, however, they can communicate to each other over backnet. Configuration on Instance Manager Node side is correct. On Virtualization Node, the following can be seen:

# prlsrvctl privnet list
Name G Netmasks
vlan1 *
vlan2 *

{e98ecb39-3014-4e8c-1111-a9de9ca3bc8c} running CT 1000000.server-1000123-1
{15d65703-c603-485b-2222-780285e288c6} running VM 1000001.server-1000456-1
{1dc48b8e-74a5-42ff-3333-b90f08c35c17} running VM 1000001.server-1000789-1

According to weak privnet logic described in Weak Private Networks, the Virtual Environment with IP should not be able to ping IP, but should be able to reach In the case, it can reach both.

The issue can be reproduced by configuring private networks manually:

# prlsrvctl privnet del vlan2
# prlctl exec e98ecb39-3014-4e8c-1111-a9de9ca3bc8c ping # pinging from
PING ( 2(84) bytes of data.
64 bytes from icmp_seq=1 ttl=127 time=192 ms

# prlsrvctl privnet add vlan2 --ipadd ''
<ping works>

# prlsrvctl privnet set vlan2 --ipadd '*'
<ping works>


The root cause of the issue lies on Virtuozzo side and related to Virtuozzo 7 version. The same configuration on Virtuozzo 6 does not allow VEs from different 'vlans' to ping each other. Direct network connectivity is possible only within one 'vlan'. The issue is reproduced only in Virtuozzo 7.


Please contact Virtuozzo Support.

5356b422f65bdad1c3e9edca5d74a1ae caea8340e2d186a540518d08602aa065 e12cea1d47a3125d335d68e6d4e15e07 31987597efff5a3a9ce779cc203bbe5e 1941880841f714e458ae4dc3d9f3062d

Email subscription for changes to this article
Save as PDF