WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Migrating domUs behind a firewall backend domU

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Migrating domUs behind a firewall backend domU
From: Jan Behrend <jbehrend@xxxxxxxxxxxxxxxxx>
Date: Wed, 23 Apr 2008 08:37:44 +0200
Delivery-date: Tue, 22 Apr 2008 23:38:24 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <200804141354.39962.jbehrend@xxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Organization: Max-Planck-Institut für Radioastronomie
References: <200804141354.39962.jbehrend@xxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: KMail/1.9.5
On Monday 14 April 2008 13:54, Jan Behrend wrote:
> I have the following setup:
>
> - standard Dom0, _without_ xen bridge
> - netbackend domU as a firewall, i.e. nic is exclusively used by this domU
> via pciback mechanism. This domU hosts the xen bridge and does the network
> setup for the other domUs (/etc/xen/scripts/vif-bridge etc.)
>
> - a bunch of domUs _behind_ this firewall domU
>
> This setup is described in
> http://lists.xensource.com/archives/html/xen-users/2005-07/msg00558.html
>
> Everything is working just fine. So far so good.
> My next goal is to migrate one of the domUs _behind_ the netbackend
> firewall to another machine with the same setup.  I know I cannot migrate
> the netbackend firewall domU.
>
> The migration works fine but unfortunately networking stops completely on
> the migrated domain. Otherwise it works just fine but has no network. This
> is what happens:
>
> On xenhost1 I do:
> # xm list
> # xen16                                     15      128     1 -b----    
> 14.4
>
> # xm migrate xen16 xenhost2 --live
> #
>
> This is what's then shown on xenhost2:
> # xm list
> # xen16                                     14      128     1 -b----     
> 0.0
>
> The following is the kernel output on the console.  When I hit enter I see
> the login screen again:
> # xm console xen16
> vif vif-0: 2 reading other end details from device/vif/0
> xenbus: resume (talk_to_otherend) vif-0 failed: -2
>
> Both Xenhosts are 64bit Debian Etch (Xen 3.0.3).  The common disk is hosted
> on an iSCSI target. Kernelversion is 2.6.18-5-xen-amd64 on all of the dom0s
> and domUs.
>
> This is the xen16.cfg on both Xenhosts:
> ***snip***
> kernel  = '/boot/vmlinuz-2.6.18-5-xen-amd64'
> ramdisk = '/boot/initrd.img-2.6.18-5-xen-amd64'
> memory  = '128'
> maxmem  = '256'
> root    = '/dev/sda1 ro'
> disk    =
> [ 'phy:/dev/disk/by-uuid/10875585-5295-4b1c-9043-3c87d052a3e7,sda1,w',
> 'phy:/dev/disk/by-uuid/b993558c-933c-4391-a7b8-c6904f934b0d,sda2,w' ]
>
> name    = 'xen16'
> vif  = [ 'mac=00:16:3E:40:53:23 , backend=netbackend' ]
> on_poweroff = 'destroy'
> on_reboot   = 'restart'
> on_crash    = 'restart'
> ***snip***
>
> I have the feeling that the migrated domU just does not get connected to
> the netbackend domU.  Because there are no network packets caught on either
> fo the firewall backends, I believe that firewall rules are not the
> problem. (I even flushed them to no avail)
>
> Anybody having thoughts on this?  Need more information?
>
> Cheers Jan Behrend

Anyone?  I just need a pointer in the right direction.  I figure out the rest 
and report.

-- 
Jan Behrend
Max-Planck-Institut fuer Radioastronomie
Abteilung fuer Infrarot-Technologie
Auf dem Huegel 69, D-53121 Bonn (Germany)
Tel: (+49) 228 525 319, Fax: (+49) 228 525 411
jbehrend@xxxxxxxxxxxxxxxxx http://www.mpifr-bonn.mpg.de

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>