WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Re: problems with xen installation

from [Fernando Maior] [Permanent Link][Original]
To: Anand <xen.mails@xxxxxxxxx>
Subject: Re: [Xen-users] Re: problems with xen installation
From: Fernando Maior <fernando.souto.maior@xxxxxxxxx>
Date: Mon, 2 Jan 2006 08:48:03 -0200
Cc: Xen-users <xen-users@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Mon, 02 Jan 2006 10:53:07 +0000
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Dhb9EHKHG/I1xHaS8dPRivTAe7YuJusdWt4aDfeQa3YfyOlvd7xqbH1+3RLxynvN0ReGRpgzzn1LprftxlBwzheqcMoPjzWE3Y3f8v0wAs/mZ1yiF7hHpXBKk4SOy2T+dHtCbnVp4XFD/GRD2hfDl41nFF0Z4zm0eVUCTwHdyJU=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <acb757c00512300859r7a54285ejc5cfcfaf82dbad28@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <6a7b2d540512290856m7f0a774h8e132104050891ef@xxxxxxxxxxxxxx> <acb757c00512292121q69401768n94c93188b499f453@xxxxxxxxxxxxxx> <6a7b2d540512300223pd6ecaah2bb9c874497eb255@xxxxxxxxxxxxxx> <acb757c00512300430w78bf0b96qde89b2937dc1274b@xxxxxxxxxxxxxx> <20051230134459.GA10278@xxxxxxxxxxxxxx> <acb757c00512300653w68d2cfa3k2760c85b24dec4d9@xxxxxxxxxxxxxx> <20051230151426.GH10278@xxxxxxxxxxxxxx> <acb757c00512300728y41b7135dv743975348eee0385@xxxxxxxxxxxxxx> <6a7b2d540512300742y3b00cd5cma2cac2179fd8a9de@xxxxxxxxxxxxxx> <acb757c00512300859r7a54285ejc5cfcfaf82dbad28@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
On 12/30/05, Anand <xen.mails@xxxxxxxxx> wrote:
> Dear Fernando,
>
> Thanks for the information.
>
> I looked at the vif-bridge file however confused on how to proceed. First as
> Andy pointed out the foremost point would be to get a constant vifname
> everytime the domain starts up only then any bandwidth calculation could
> work.
>
> Looks like i need to get my hands on someone who knows more on this and
> perhaps help me achieve this since i am unable to work on it much :((
>
> On 12/30/05, Fernando Maior <fernando.souto.maior@xxxxxxxxx> wrote:
> > On 12/30/05, Anand <xen.mails@xxxxxxxxx> wrote:
> > > Dear Andy,
> > >
> > > Thanks for all the help. I will try it out.
> > >
> > >
> > > On 12/30/05, Andy Smith < andy@xxxxxxxxxxxxxx> wrote:
> > > >
> > > > On Fri, Dec 30, 2005 at 08:23:42PM +0530, Anand wrote:
> > > > >
> > > > >    Dear Andy,
> > > > >    Thanks for the reply.
> > > > >    >As you noted the vif name will change every time a domain is
> > > > >    >restarted.  In Xen 2.x you can use the vifname config directive
> to
> > > > >    >hardcode vif names per domain.  You can also do this in 3.0 if
> you
> > > > >    >use a snapshot of -unstable that has this functionality
> (apologies,
> > > > >    >I do not know exactly when it was (re)added).
> > > > >    Thanks, thats indeed excellent news. May i ask is the snapshot
> stable
> > > > >    enough to use on the production box (sorry if it sounds a stupid
> > > > >    question to you). I am using 3.0 stable rpm from xensource on
> centos
> > > > >    4.1 right now.
> > > >
> > > > I can't advise on this I'm afraid as I'm not using it heavily in
> > > > production.
> > > >
> > > > It works nicely in the latest 2.x which is what I'm running in
> > > > production.
> > > >
> > > > >    >You can measure the bandwidth use of the vif interfaces in dom0,
> > > > >    >either by parsing /proc/net/devices periodically or by polling
> SNMP.
> > > > >    This will give the problem of the vifname changing everytime and
> > > hence
> > > > >    loosing track of the vif to whom the bandwidth should be
> accounted
> > > to.
> > > >
> > > > Yes you do need to use vifname for this to work.
> > > >
> > > > >    >Finally you could also use iptables in dom0 and the physdev
> module
> > > > >    >to add rules for traffic going in/out particular vifs, and poll
> its
> > > > >    >counters to measure bandwidth.
> > > > >    Is it possible for you to direct me to some examples ? It will
> really
> > > > >    help.
> > > >
> > > > This too requires static vif names.  Off the top of my head:
> > > >
> > > > iptables -N accounting_in
> > > > iptables -N accounting_out
> > > >
> > > > iptables -A FORWARD -m physdev --physdev-out vif+ -j accounting_in
> > > > iptables -A FORWARD -m physdev --physdev-in  vif+ -j accounting_out
> > > >
> > > > iptables -A accounting_in  -m physdev --physdev-out vif-foo+ -j RETURN
> > > > iptables -A accounting_out -m physdev --physdev-in  vif-foo+ -j RETURN
> > > >
> > > > The above iptables commands check all forwarded traffic to see if it
> > > > came from/to a vif, if they do they are checked to see if they
> > > > specifically went through an interface name matching "vif-foo*".
> > > > You can then use
> > > >
> > > > iptables -v --list accounting_in
> > > > iptables -v --list accounting_out
> > > >
> > > > to view the packet and byte counters for those tables.
> > > >
> > > > Note this matches only IP traffic.  You'll need to use ip6tables to
> > > > match IPv6.
> > > >
> > > > Without static vif names you could add rules to the bridge interface
> > > > and try to match only things going to or coming from the IP
> > > > addresses that you have assigned but that seems even more hackish to
> > > > me..
> > > >
> > > >
> > > >
> > > > -----BEGIN PGP SIGNATURE-----
> > > > Version: GnuPG v1.4.1 (GNU/Linux)
> > > >
> > > >
> > >
> iD8DBQFDtU7SIJm2TL8VSQsRAtBrAKDW6fAWiPi3DoMD3hG2375VEBoONQCgpTvA
> > > > poJ7lh1XIbW7dwT/PhuLqh0=
> > > > =xw9q
> > > > -----END PGP SIGNATURE-----
> > > >
> > > >
> > > > _______________________________________________
> > > > Xen-users mailing list
> > > > Xen-users@xxxxxxxxxxxxxxxxxxx
> > > > http://lists.xensource.com/xen-users
> > > >
> > > >
> > >
> > >
> > > _______________________________________________
> > > Xen-users mailing list
> > > Xen-users@xxxxxxxxxxxxxxxxxxx
> > > http://lists.xensource.com/xen-users
> > >
> > >
> >
> > Anand,
> >
> > You can tweak /etc/xen/scripts/vif-bridges in order to include the
> > iptables {add|delete} rules when the domain is started/shutdown.
> >
> > --
> > Bye,
> > Fernando Maior
> > LPIC/1(31908)
> > LinuxCounter(391325)
> >
>
>

Anand,

I just started and then shutdown a domain. Rules on iptables were
created, but NOT deleted. Should be some problem running the
shutdown scripts, take care about them!

--
Bye,
Fernando Maior
LPIC/1(31908)
LinuxCounter(391325)

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-users] Error: Error creating domain: unpack list of wrong size, Konstantinos Pachopoulos
Next by Date:  Re: [Xen-users] mac address problem, Goetz Bock
Previous by Thread:  [Xen-users] Error: Error creating domain: unpack list of wrong size, Konstantinos Pachopoulos
Next by Thread:  Re: [Xen-users] Re: problems with xen installation, Anand
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy