WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Prob Connecting VM through http or ssh

To: Dustin.Henning@xxxxxxxxxxx, xen-users <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Xen-users] Prob Connecting VM through http or ssh
From: "Mahendra Kutare" <mahendra.kutare@xxxxxxxxx>
Date: Wed, 6 Aug 2008 10:16:58 -0400
Cc:
Delivery-date: Wed, 06 Aug 2008 07:17:40 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type:references; bh=1TEPSN8MBMWt5fuUORbq+ZmMaF87BuY6jTmwjRrq0VA=; b=g4kmcWvqEQMgR3r+lxkdTQzFzjMuU7LT3grWFZXd+alePhj39HLwh9FNISr7jbdeuJ J2WIV0XgtnIUKoPgexJlzeJqrPt1FaFRhkipDpM3B90PsU1jUwhGhEW+xtbKwaTZSB7z RrkrK4AzED0N1ZPm4J9j5tOlIj1ruLcWRsmNs=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:references; b=gzpoK5a7Zp9vkO3n20xTMSP8ueLwveFMOtbpgjKcLVug4LlvWJC40VM/zrbtboMd+Y reQF2tN7/qGCoxBEnpuws36NYjOgNakGY2xUBnJLCMpG7pp6X3l3SzOCwy4jiuy/TTb6 HFpOfnJN8qujbvksfKZ84oj7h04+IBqljNttU=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <6324604609838612778@unknownmsgid>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <669f1ab30808060659u1b49b036j7ee1e9560f63330a@xxxxxxxxxxxxxx> <6324604609838612778@unknownmsgid>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
This is how my DOM0 - IP table look like -

[root@gdrd59 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere           
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:webcache
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match --physdev-in vif6.0
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match --physdev-in eth0 ! --physdev-out eth0
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match ! --physdev-in eth0 --physdev-out eth0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
############################################################################################################
domU IP Table looks like this -

[root@besim ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere           
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination   
############################################################################################################
So as can be seen dom0 as forwarding table entry here. Am i doing something wrong in forwarding ?

Thanks
Mahendra

On Wed, Aug 6, 2008 at 10:08 AM, Dustin Henning <Dustin.Henning@xxxxxxxxxxx> wrote:
       Your VM probably has its own firewall/iptables configuration…  This would need reconfigured along with the one on Dom0.  If you don't have firewall/iptables on your DomU, then perhaps your rules in the iptables Forwarding table on Dom0 are wrong.  Traffic going to a DomU will go through the Forwarding table instead of the Incoming table where traffic for Dom0 goes, I believe this would be true for both bridging and routing.
       Dustin

From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx [mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Mahendra Kutare
Sent: Wednesday, August 06, 2008 09:59
To: Xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] Prob Connecting VM through http or ssh

Hi ,

I am a newbie to Xen. I created a VM and associated an IP address.

Next, i disabled firewall and on ip tables allowed port 80, 22 and 8080 (for my tomcat installation) .

I started httpd on VM (domU) and dom0.

After that I tried connecting to dom0 httpd (webserver) port 80 from another physical server. This works and shows me the correct page when i do - http://<dom0-machine-ip>:80/. Then i try ssh to dom0 machine it works.

But when i try to do the same for VM (domU) on dom0 on browser as  - http://<domU-VM-ip>:80/ it does not work. Also when i try ssh to domU machine ip it says - Access Denied.

Please help me resolve this. What it is that i am missing here ?

Thanks
Mahendra




_______________________________________________
Xen-users mailing list
http://lists.xensource.com/xen-users



--
Only those who can risk going too far, can find out how far one can go.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>