Re: [Xen-users] Network configuration problem

To: "Daniel S. Reichenbach" <daniel.s.reichenbach@xxxxxxx>
Subject: Re: [Xen-users] Network configuration problem
From: "Henning Sprang" <henning_sprang@xxxxxx>
Date: Mon, 5 Feb 2007 14:23:31 +0100
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 05 Feb 2007 05:23:24 -0800
On 2/5/07, Daniel S. Reichenbach <daniel.s.reichenbach@xxxxxxx> wrote:
Hi again,

first, I have to admit that English is not my native language,

Mine neither, but we'll manage this :)

>So the guest is pingable from the outside, but can't ping to the
>outside and get replies back?
I can ping the IP addresses, yes. I can not ping anything from inside the guest.

Sounds strange.
Please use tcpdump to see on which interface your packets get lost.

>At first glance, I see all the aliases you give for eth2:X and don't
>understand, what this is good for. I see you try to assign your
>different network segments, but I don't understand why and what for.
Perhaps I am lacking some knowledge in configuring network interfaces here?
I wanted to have my network card eth2 listen to the provider's IP and to
the two aliases. Since I am quite new to this, I might have chosen the wrong
method.

What is your dom0 doing with so many aliases? Should dom0 be the
router for these alias networks? Or do firewalling? If so, you didn't
tell us yet, but it's an important thing to know to understand your
setup.


>Another important question: do you want to use bridged, nat or routed
>networking? For what kind of virtual setup are you heading here - can
>you give us a big picture of the whole network?
That's what I am not sure of. I'll try a little picture.

                                 eth2  (( dom0 ))

             eth2:1                                     eth2:2
     (( used to host a small webserver ))     (( hosting a mail server ))

Why do you want to run services on dom0's eth2:1 interface?
Don't you want to run these in domU's?

Then, I don't see what eth2:X are needed for here.
Or do you want to do destination natting on eth2 to forward everything
on eth2:1's IP address and port 80 to some domU?


Now I wanted the dom0 system to redirect all packages for the IP of eth2:1
to the matching XEN guest, same for eth2:2.

What is this for? If you use a bridge here, the packets get
automatically to the domU. Just give the right IP to the domU's
interface, instead of eth2:1/eth2:2.

BTW, this still does not tell us which type of networking you are
trying to use. Which network-script do you have configured in
xend-config.sxp?


Again, I am new to all this, so I'm not aware, which method is the right one for
me to use in such a case.

If that's just the wrong method to set things up, what's right?

Depends on what you want to do. If you want dom0 to act as a firewall
for the domU systems, then you need something more than a simple
bridging setup, right.
In the wiki the Xen networking setups are explained.

Any help is very
much appreciated. Feeling totally stupid on this one.

> I also don't understand why you don't have an eth0 or eth1. Can you
>explain your hardware setup?
There is an eth0 and eth1 network interface available, but these are only used
for local networks, eth0 is connected to a backup host, eth1 is connected to my
private network.

>Look at brctl show if all interfaces are connected to bridges correctly.
So I ran xm create for the first guest, and after starting it, brctl show gives

bridge name     bridge id               STP enabled     interfaces
xenbr2          8000.feffffffffff       no              vif1.0

Now I checked if vif1.0 is really attached to my guest, and xm network-list for
the domain shows

Idx BE     MAC Addr.     handle state evt-ch tx-/rx-ring-ref BE-path
0   0  00:16:3e:43:34:ed    0     4      8     522  /523     /local/domain/0/backend/vif/1/0

If I am not totally stupid, this tells me, the virtual network interface of
my guest, is attached to xenbr2, which in turn is the bridge for eth2.

Hard to say something against that when I don't want to insult you :)

but: as you see, only one vif is attached to the bridge, and this is
not the one belonging to dom0.
I wonder how with this setup a ping can come through to the domU from
the outside, but maybe you also have some forwarding stuff...


>3) when you hook your different subnet into one physical bridge
>(which is strange and I don't see the reason what this should bring),
I'm not really sure, how to do this right. But I probably lack knowledge on
network setups in this case.

I would have to add routes in the dom0 for the guests, right?

It must not even be dom0. Could also be a domU that is also bridged
to the outer interface.
But I see no use in having different subnets in the same physical and
even setup a router for them, so machines that could communicate much
easier need to be routed in the same physical net. There could be
reasons, but it sounds strange.

Finally, it's hard to tell you how to get there if you don't know
exactly where you wanna go.

I'd really recommend reading the wiki pages about networking setups.
Then think about your network setup, and even take a pencil and do
some drawing, so you are very clear which (virtual) interface should
have which addresses, and how and where routing takes place between
different networks.

Decide if you need simple bridged networking, or routed or natted
setup, and make sure you know why you are doing this and what it will
bring you.

If you have these, test and see how far you come, ask again here if
you have further problems, and maybe show us the drawing of the setup
you have done in the meantime so we get an idea of what you want to do
:)

Henning
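
The bridge check from the mail above (`brctl show` listing only vif1.0 on xenbr2), as an added example that is not part of the original message: a shell function that reads `brctl show` output and reports bridges carrying nothing but guest vifs. The xenbr0 rows and the names peth0, vif0.0 and vif2.0 are constructed, and treating `vif<domid>.<n>` with domid 1 or higher as a guest interface is an assumption based on the vif1.0 and backend/vif/1/0 pairing shown in the thread.

```shell
#!/bin/sh
# Added example, not from the original mail.
# Reads `brctl show` output on stdin and prints "<bridge> <interfaces>" for
# every bridge that has no interface other than guest vifs (or none at all).
bridges_without_uplink() {
    awk '
    function flush() {
        # Report the bridge collected so far if nothing on it looks like an uplink
        if (br != "" && !uplink) print br, (ifs == "" ? "(none)" : ifs)
    }
    function add(name) {
        ifs = (ifs == "" ? name : ifs "," name)
        # Assumption: vif<domid>.<idx> with domid >= 1 is a guest backend;
        # anything else (physical NIC, dom0 vif) counts as a possible uplink.
        if (name !~ /^vif[1-9][0-9]*\.[0-9]+$/) uplink = 1
    }
    NR == 1 { next }                 # header line
    NF >= 3 {                        # new bridge row: name, id, STP, [first iface]
        flush()
        br = $1; ifs = ""; uplink = 0
        if (NF >= 4) add($4)
        next
    }
    NF == 1 { if (br != "") add($1) } # continuation row: one more interface
    END { flush() }
    '
}

# Sample input: the xenbr2 row is the one quoted in the mail;
# the xenbr0 rows are constructed for contrast.
SAMPLE='bridge name     bridge id               STP enabled     interfaces
xenbr2          8000.feffffffffff       no              vif1.0
xenbr0          8000.feffffffffff       no              peth0
                                                        vif0.0
                                                        vif2.0'

printf '%s\n' "$SAMPLE" | bridges_without_uplink
```

On a live dom0 the same function can be fed with `brctl show | bridges_without_uplink`.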
