On Tue, Aug 11, 2009 at 5:46 PM, Fajar A. Nugraha<fajar@xxxxxxxxx> wrote:
> On Tue, Aug 11, 2009 at 4:31 PM, Zhang Li<cindy.zhangli@xxxxxxxxx> wrote:
>> Hi, Fajar
>>> After that, I'd test whether vlan works before throwing in bridge and
>>> Xen to mix. For example, I'd create eth0.100 on top of eth0, and test
>>> it. If it works, I create br100 on top of eth0.100 and move the IP
>>> address to br100. After it works, I tell domU to use br100 as bridge.
>> I tried the way you told me, every thing is OK. eth0.100 works, br100
>> works and I tell domU to use br100.
>> And then assign one IP ADDRESS to it. it can't ping the address of
>> outside internet.
> OK one at a time :D
> By "br100 works", does that mean if you put IP address on that
> interface, you can access outside world (or at least other hosts also
> located on vlan100)?
yes. br100 can access outside world. Does it means vlan is ok? And the
domainUs in the same vlan can communicate.
> By "And then assign one IP ADDRESS to it. it can't ping the address of
> outside internet.", does that mean you put IP address on domU but it
> can't access anywhere? If yes, do a ping from domU and a tcpdump on
> br100 and eth0.100, see which packets are missing (does arp receives
> no reply? or is it only the icmp echo/reply gone missing)
yes. arp receives no reply. And ICMP echo/reply gone missing.
I think they can connect each other in the same vlan within the same
IP subnet .
if it connect to outside, it should need router. I don't know XEN
whether can do this.
> Another thing to check. Are you using old broadcom NIC with tg3
> driver? If yes, it's probably firmware problem. On one of my machines
> I can't get bridging to work until I updated its firmware.
>> Another question, does the domain U must need the 8021Q? When one
>> DomainU send one frame to another, will the bridge add the tag to the
>> frame with 8021Q?
>> I have some experiment here:
>> If domain U use the 8021Q module, it will add the tag to the frame by
>> itself and the vlan is setup, bridge doesn't need to add tag. But if
>> domain U doesn't use 8021Q module, I think the bridge will add the tag
>> to the frame, the problem of I have told still exists. I am confused.
> I'm not sure I understand your question. However you can do these:
> Scenario 1: you can have eth0, create a bridge on top of it, share it
> it domU, and do vlans in domU. It will work if you do NOT create the
> same vlan on dom0 (e.g. do not create eth0.100 on dom0, create it only
> on domUs). You may also need to set
> /proc/sys/net/bridge/bridge-nf-filter-vlan-tagged to 0 (not quite sure
> about this, as it has been a long time since I pass a trunk :P). From
> domU perspective this is similar with connecting to a switch using a
> trunk port.
> Scenario2: you can do vlans on dom0, create a bridge for each vlans,
> and tell domU to use the bridge. From domU perspective this is similar
> with connecting to a switch using an access port.
I think we are saying the same thing.
But I am not familar with the bridge of XEN, I don't know whether it
can implement the trunck link.
For Scenario2, either domain0 or domainU don't need the 8021Q. am I right?
Xen-users mailing list