Unable to make work both private and public ip network on openvz container in Proxmox

I'm using Proxmox 3, it is a fresh installation. For those who know, I'm using OVH Vrack 1.5 (along with a previous Vrack 1.0).

My server has two interface eth0 and eth1, I succeeded to configure both private and public ip on the host node, and I'm able to ping all my server on the vlan.

Now, I created an OpenVZ container, and I assign both a public and private ip in the Proxmox GUI (simple venet).

Let's say I use 172.16.0.129 for the internal network.

Once I login in the container, I'm able to successfully ping all my private network but I'm not able to reach any public ip.

Here is the host node configuration:

ifconfig

dummy0 Link encap:Ethernet HWaddr 8a:ee:41:c1:ec:53 inet6 addr: fe80::84ed:41ff:fec1:ec53/64 Scope:Link UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:29 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:1950 (1.9 KiB) eth0 Link encap:Ethernet HWaddr 00:32:90:a7:43:48 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:111570 errors:0 dropped:0 overruns:0 frame:0 TX packets:58220 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:140197486 (133.7 MiB) TX bytes:8647245 (8.2 MiB) eth1 Link encap:Ethernet HWaddr 00:25:90:54:43:49 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:421 errors:0 dropped:0 overruns:0 frame:0 TX packets:93 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:43258 (42.2 KiB) TX bytes:6322 (6.1 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:3879 errors:0 dropped:0 overruns:0 frame:0 TX packets:3879 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2507778 (2.3 MiB) TX bytes:2507778 (2.3 MiB) venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet6 addr: fe80::1/128 Scope:Link UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 RX packets:49 errors:0 dropped:0 overruns:0 frame:0 TX packets:28 errors:0 dropped:3 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3535 (3.4 KiB) TX bytes:2236 (2.1 KiB) vmbr0 Link encap:Ethernet HWaddr 00:25:90:a7:43:48 inet addr:5.135.14.28 Bcast:5.135.14.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:103047 errors:0 dropped:0 overruns:0 frame:0 TX packets:54482 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:137374926 (131.0 MiB) TX bytes:6823790 (6.5 MiB) vmbr1 Link encap:Ethernet HWaddr 86:ed:41:c1:ec:53 inet6 addr: fe80::84ed:41ff:fec1:ec53/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:7 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:578 (578.0 B) vmbr2 Link encap:Ethernet HWaddr 00:25:90:a7:43:49 inet addr:172.16.0.128 Bcast:172.31.255.255 Mask:255.240.0.0 inet6 addr: fe80::225:90ff:fea7:4349/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:349 errors:0 dropped:0 overruns:0 frame:0 TX packets:69 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:30789 (30.0 KiB) TX bytes:4794 (4.6 KiB) 

interfaces

auto lo iface lo inet loopback # for Routing auto vmbr1 iface vmbr1 inet manual post-up /etc/pve/kvm-networking.sh bridge_ports dummy0 bridge_stp off bridge_fd 0 # vmbr0: Bridging. Make sure to use only MAC adresses that were assigned to you. auto vmbr0 iface vmbr0 inet static address 5.135.14.28 netmask 255.255.255.0 network 5.135.14.0 broadcast 5.135.14.255 gateway 5.135.14.254 bridge_ports eth0 bridge_stp off bridge_fd 0 # bridge vrack 1.5 auto vmbr2 iface vmbr2 inet static address 172.16.0.128 netmask 255.240.0.0 broadcast 172.31.255.255 gateway 172.31.255.254 bridge_ports eth1 bridge_stp off bridge_fd 0 

And the routing table:

Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.16.0.129 0.0.0.0 255.255.255.255 UH 0 0 0 venet0 4.1.5.13 0.0.0.0 255.255.255.255 UH 0 0 0 venet0 5.135.14.0 0.0.0.0 255.255.255.0 U 0 0 0 vmbr0 172.16.0.0 0.0.0.0 255.240.0.0 U 0 0 0 vmbr2 0.0.0.0 5.135.14.254 0.0.0.0 UG 0 0 0 vmbr0 

The container routing table is the following:

Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 venet0 

and ifconfig

venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:127.0.0.2 P-t-P:127.0.0.2 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 RX packets:3 errors:0 dropped:0 overruns:0 frame:0 TX packets:21 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:252 (252.0 B) TX bytes:1594 (1.5 KB) venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:172.16.0.129 P-t-P:172.16.0.129 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 venet0:1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:4.1.5.173 P-t-P:4.1.5.173 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 

To resume:

• from the host I'm able to reach both public and private network.
• from the container I'm able to reach either the public or the private network depending on the order I assign ip addresses.

I compared to some existing Proxmox configuration which works great but I was not able to find any diffs.

Any help will be greatly appreciated. Thanks.