WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] xen networking on Debian with 2 nics

from [Ian fraser] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] xen networking on Debian with 2 nics
From: Ian fraser <ian.fraser@xxxxxxxxxx>
Date: Thu, 24 Nov 2005 10:51:39 +0000
Delivery-date: Thu, 24 Nov 2005 16:45:40 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <438598A4.8010705@xxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Organization: ASM (UK) Limited
References: <43858D62.4080604@xxxxxxxxxx> <438598A4.8010705@xxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)

Outstanding, that fixed it!
This was driving me crazy!
Many, many, many thanks :)

Regards

Ian

Pasi Tiittanen wrote:
Try next kind of vif-line:
vif = [ 'mac=AA:00:00:07:C5:2C,bridge=xen-br0', 'mac=AA:00:00:07:C5:2D,bridge=xen-br1' ]

--
Pasi Tiittanen

Ian fraser wrote:
Hello all,
Please can someone offer a suggestion, or if I have misunderstood something vital, point me in the right direction for what I wish to achieve.
I installed Debian 3.1, installed Xen and all relevant packages using aptitude (I had to use an unstable repository).
The box has 2 nics, one connected to my internal network and one connected to my adsl router as I intend to use this box to host my firewall, vpn and web server Linux boxes as virtual machines.
Dom0's /etc/network/interfaces:
----------------------------------------
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet manual
      up ifconfig $IFACE 0.0.0.0 up
      up ip link set $IFACE promisc on
      down ip link set $IFACE promisc off
      down ifconfig $IFACE down
----------------------------------------
So I need 2 bridges (so I can get my vpn & firewall machines to allow the right traffic in/out of our network).
So I run
/etc/xen/scripts/network start bridge=xen-br1 netdev=eth1 antispoof=no
Right?

When I run tcpdump on each of the bridge interfaces I see the expected traffic for that interface.

Set up a VM with 2 nics with the following config file:
----------------------------------------
kernel = "/boot/vmlinuz-2.6-xenU-tun"
memory = 64
name = "vpn"
nics=2
root = "/dev/hda1 ro"
disk = [ 'phy:/dev/vg00/vpn,hda1,w', 'phy:/dev/vg00/vpnswap,hda2,w' ]
vif = [ 'mac=AA:00:00:07:C5:2C', 'bridge=xen-br0', 'mac=AA:00:00:07:C5:2D', 'bridge=xen-br1' ]
----------------------------------------
I start the VM up and ipconfig in the VM shows
----------------------------------------
eth0      Link encap:Ethernet  HWaddr AA:00:00:07:C5:2C
         inet addr:192.168.0.230  Bcast:192.168.0.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:858 errors:0 dropped:0 overruns:0 frame:0
         TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:76754 (74.9 KiB)  TX bytes:158 (158.0 b)

eth1      Link encap:Ethernet  HWaddr AA:00:00:01:D2:48
         inet addr:192.168.101.1  Bcast:192.168.101.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:861 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:76912 (75.1 KiB)  TX bytes:0 (0.0 b)

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
----------------------------------------
Which shows a different mac address to the one I am expecting for eth1 as per the config file!! Is this the root of my problem?

So "brctl show" in Dom0 shows:
----------------------------------------
bridge name     bridge id               STP enabled     interfaces
xen-br0         8000.0008a1349cdc       no              eth0
                                                       vif1.0
                                                       vif1.1
                                                       vif1.2
xen-br1         8000.0008a1349c9f       no              eth1
                                                       vif1.3
----------------------------------------
Which I think is ok! Can anyone confirm?

When in the VM I do a tcpdump on each of the 2 nics I see the same traffic as if both interfaces are bridged with eth0 in Dom0, this is not what I want.
I have attempted reinstalling Dom0 from scratch twice and have tried building xen-testing from source but I get the same outcome. At this point I am willing to try almost anything (with the exception of running out and buying more hardware.)
I attempted to look for relevant posts to this mailing list, but unfortunately I haven't found anything that appears relevant to my problem. If I have missed stuff please don t flame :)
Any help would be most appreciated.

Regards

Ian



--------------------------------------------------------------------------------
The information in this message and any attachment is intended for the addressee and is confidential. If you are not that addressee, no action should be taken in reliance on the information and you should please reply to this message immediately to inform us of incorrect receipt and destroy this message and any attachments.

For the purposes of internet level email security incoming and outgoing emails may be read by personnel other than the named recipient or sender.

Whilst all reasonable efforts are made, ASM (UK) Ltd cannot guarantee that emails and attachments are virus free or compatible with your systems. You should make your own checks and ASM (UK) Ltd does not accept liability in respect of viruses or computer problems experienced.
--------------------------------------------------------------------------------



______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email ______________________________________________________________________

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

The information in this message and any attachment is intended for the addressee and is confidential. If you are not that addressee, no action should be taken in reliance on the information and you should please reply to this message immediately to inform us of incorrect receipt and destroy this message and any attachments.

For the purposes of internet level email security incoming and outgoing emails may be read by personnel other than the named recipient or sender.

Whilst all reasonable efforts are made, ASM (UK) Ltd cannot guarantee that emails and attachments are virus free or compatible with your systems. You should make your own checks and ASM (UK) Ltd does not accept liability in respect of viruses or computer problems experienced.


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] xen networking on Debian with 2 nics, Reiner Dassing
Next by Date:  Re: [Xen-users] xen networking on Debian with 2 nics, Pasi Tiittanen
Previous by Thread:  Re: [Xen-users] xen networking on Debian with 2 nics, Pasi Tiittanen
Next by Thread:  You_visit_illegal_websites, Admin
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy