WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-users] dom0 can see connections from domU-s

from [Deyan Chepishev] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] dom0 can see connections from domU-s
From: Deyan Chepishev <dchepishev@xxxxxxxxx>
Date: Tue, 25 Aug 2009 01:48:51 +0300
Delivery-date: Mon, 24 Aug 2009 15:49:38 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:content-type :content-transfer-encoding; bh=2zb3LP3v26FSZy9sJbeJ0hWQv75jCVu6lT8QAluF2g0=; b=GlATJ3rC95/ji6DnlzW/FNUgEiqIWo5C+QjBM9EUpuEyHA6djCtFKmZdAc9Ss2iBFk j7Ts722HzfKjNvndFI/nDxvvlWbBfJhb7y5lSNWHsndBT3w7tzlzka+XwuOc34xut3j/ LTzjfcfevTcQCLVT8mg6SNOISJLBKww14MI5I=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; b=ND21ZGqWI5wBpuPaEttfCVIwqWANIodWFgX/xQhofTY4+tws0AW5rtsfETQdYV1hlF Q2cLki2ewzgeGcBoVb8SLs0nvRE7jIq1S5lO0mbQU5u6tEhbx9dDR+rwvITKsSmG4Pac hRX3y7+MBWkOxhhGv0LSppDF2iy+Loh21nAv8=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.22) Gecko/20090710 Fedora/1.1.17-1.fc11 SeaMonkey/1.1.17 
Hello,

I have a little problem.
I can see all the guest (domU) connections in dom0's /proc/net/ip_conntrack. As you can imagine the conntrack table starts to get filled when lots of connections are made on domU machines. Is there a way to stop this behavior? 

My config is:
OS: Centos 5.3
XEN: xen-3.3.1-0 manually compiled from gitco's SRPMS
Kernel: 2.6.18-128.4.1.el5xen on bot dom0 and domU
I have had exactly the same problem before, but it disappeared after I manually compiled kernel 2.6.18 with xen patches. However I need an more up to date kernel now and want to use xen kernel from centos. 

I need help if someone know how can I prevent this from happening.

Thank you

Regards,
Deian



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Xen-users] windows PV drivers, James Harper
Next by Date:  [Xen-devel] GPLPV drivers update, James Harper
Previous by Thread:  [Xen-users] windows PV drivers, Robbie Garrett
Next by Thread:  Re: [Xen-users] dom0 can see connections from domU-s, Fajar A. Nugraha
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy