# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1200582820 0
# Node ID 33dcf04d77152fe7086ceb1e89218e1e703d862d
# Parent 2d9a8a4d7e7398bf402e8a104ac8dafd7fe2ec5a
tools/docs: Fix example and default IP addresses.
In various places in documentation and code, IP addresses are provided
as examples, defaults, or dummy configuration. In general the
specific IP addresses used in Xen are not always appropriate. (For
example, 1.2.3.4 is used in a few places!)
The following addresses should be used:
* For examples and documentation, 192.0.2.0/24. (See RFC3330.)
* For defaults for private networks, a random network from RFC1918.
I have randomly selected 172.30.206.0/24 for this purpose and
documented this in at the only registry I know of,
www.ucam.org/cam-grin. This network should henceforth be used for
default configurations of local bridges, test networks, etc. in
Xen tools.
The following addresses should NOT be used:
* 10.0.*.*, 10.1.*.*, 192.168.0.*, 192.168.1.*, etc. Using these
addresses gives greatly increased likelihood of collision, as
ignorant network administrators and reckless middlebox vendors
often pick networks from the bottom of 10/8 and 192.168/16.
* 169.254.*.*. These are reserved for zeroconf (ad-hoc networking)
and should not be used for Xen private networks, bridges, etc.,
etc. Use of these addresses by Xen scripts causes trouble on hosts
(eg laptops) which find themselves in ad-hoc networking
environments. I think this is not hypothetical (!) since at least
one Linux distribution have specific code to detect this case and
cause Xen startup to fail iff the host already has an external
zeroconf address.
* 1.2.3.4. WTF !?
I have also used 127.0.255.255 in one place where apparently a dummy
address is needed (some Linux kernels won't accept a lack of an NFS
server address). If 127.0.255.255 is mistakenly used it is unlikely
to do any damage to real traffic even if it does escape into the
network at large.
Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
---
docs/man/xend-config.sxp.pod.5 | 2 -
docs/src/user.tex | 14 ++++++------
tools/examples/network-nat | 6 ++---
tools/examples/xeninfo.pl | 8 +++----
tools/examples/xmexample1 | 2 -
tools/examples/xmexample2 | 2 -
tools/python/xen/sv/CreateDomain.py | 6 ++---
tools/python/xen/xm/create.py | 2 -
tools/python/xen/xm/tests/test_create.py | 4 +--
tools/vnet/doc/man/vn.pod.1 | 6 ++---
tools/vnet/doc/vnet-xend.txt | 12 +++++-----
tools/xm-test/Writing_Tests_HOWTO | 12 ++++++----
tools/xm-test/configure.ac | 16 +++++++-------
tools/xm-test/lib/XmTestLib/NetConfig.py | 9 -------
tools/xm-test/tests/restore/04_restore_withdevices_pos.py | 8 +++----
tools/xm-test/tests/xapi/03_xapi-network_pos.py | 8 +++----
16 files changed, 55 insertions(+), 62 deletions(-)
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 docs/man/xend-config.sxp.pod.5
--- a/docs/man/xend-config.sxp.pod.5 Thu Jan 17 15:11:22 2008 +0000
+++ b/docs/man/xend-config.sxp.pod.5 Thu Jan 17 15:13:40 2008 +0000
@@ -124,7 +124,7 @@ An example configuration with relocation
=over 4
(xend-relocation-server yes)
- (xend-relocation-address 192.168.1.1)
+ (xend-relocation-address 192.0.2.192)
(network-script network-bridge)
(vif-script vif-bridge)
(dom0-min-mem 0)
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 docs/src/user.tex
--- a/docs/src/user.tex Thu Jan 17 15:11:22 2008 +0000
+++ b/docs/src/user.tex Thu Jan 17 15:13:40 2008 +0000
@@ -1807,7 +1807,7 @@ network by adding a line to \path{/etc/e
\begin{quote}
\begin{small}
\begin{verbatim}
-/export/vm1root 1.2.3.4/24 (rw,sync,no_root_squash)
+/export/vm1root 192.0.2.4/24 (rw,sync,no_root_squash)
\end{verbatim}
\end{small}
\end{quote}
@@ -2076,7 +2076,7 @@ iptables -A INPUT -p tcp --destination-p
# this command enables Xen relocations only from the specific
# subnet:
-iptables -I INPUT -p tcp -{}-source 192.168.1.1/8 \
+iptables -I INPUT -p tcp -{}-source 192.0.2.0/24 \
--destination-port 8002 -j ACCEPT
\end{verbatim}
@@ -5121,9 +5121,9 @@ and trying to ping them across the netwo
and trying to ping them across the network. For example, using machines
hostA and hostB:
\begin{verbatim}
-hostA# ifconfig vnif0004 10.0.0.100 up
-hostB# ifconfig vnif0004 10.0.0.101 up
-hostB# ping 10.0.0.100
+hostA# ifconfig vnif0004 192.0.2.100 up
+hostB# ifconfig vnif0004 192.0.2.101 up
+hostB# ping 192.0.2.100
\end{verbatim}
The vnet implementation uses IP multicast to discover vnet interfaces, so
@@ -5144,8 +5144,8 @@ on the vnet UDP port:
\end{verbatim}
If multicast is not being forwarded between machines you can configure
-multicast forwarding using vn. Suppose we have machines hostA on 10.10.0.100
-and hostB on 10.11.0.100 and that multicast is not forwarded between them.
+multicast forwarding using vn. Suppose we have machines hostA on 192.0.2.200
+and hostB on 192.0.2.211 and that multicast is not forwarded between them.
We use vn to configure each machine to forward to the other:
\begin{verbatim}
hostA# vn peer-add hostB
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/examples/network-nat
--- a/tools/examples/network-nat Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/examples/network-nat Thu Jan 17 15:13:40 2008 +0000
@@ -43,9 +43,9 @@ fi
function dhcp_start()
{
- if ! grep -q "subnet 10.0.0.0" "$dhcpd_conf_file"
+ if ! grep -q "subnet 192.0.2.0" "$dhcpd_conf_file"
then
- echo >>"$dhcpd_conf_file" "subnet 10.0.0.0 netmask 255.255.0.0 {}"
+ echo >>"$dhcpd_conf_file" "subnet 192.0.2.0 netmask 255.255.255.0 {}"
fi
"$dhcpd_init_file" restart
@@ -55,7 +55,7 @@ function dhcp_stop()
function dhcp_stop()
{
local tmpfile=$(mktemp)
- grep -v "subnet 10.0.0.0" "$dhcpd_conf_file" >"$tmpfile"
+ grep -v "subnet 192.0.2.0" "$dhcpd_conf_file" >"$tmpfile"
if diff "$tmpfile" "$dhcpd_conf_file" >&/dev/null
then
rm "$tmpfile"
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/examples/xeninfo.pl
--- a/tools/examples/xeninfo.pl Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/examples/xeninfo.pl Thu Jan 17 15:13:40 2008 +0000
@@ -21,10 +21,10 @@ require RPC::XML::Client;
##### CONFIG ######
-my %xenhosts = ("192.168.0.10" => {"port" => "9363"},
- "192.168.0.11" => {"port" => "9363"},
- "192.168.0.12" => {"port" => "9363"},
- "192.168.0.13" => {"port" => "9363"});
+my %xenhosts = ("192.0.2.10" => {"port" => "9363"},
+ "192.0.2.11" => {"port" => "9363"},
+ "192.0.2.12" => {"port" => "9363"},
+ "192.0.2.13" => {"port" => "9363"});
##### CONFIG END ###
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/examples/xmexample1
--- a/tools/examples/xmexample1 Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/examples/xmexample1 Thu Jan 17 15:13:40 2008 +0000
@@ -135,7 +135,7 @@ root = "/dev/hda1 ro"
# Root device for nfs.
#root = "/dev/nfs"
# The nfs server.
-#nfs_server = '169.254.1.0'
+#nfs_server = '192.0.2.1'
# Root directory on the nfs server.
#nfs_root = '/full/path/to/root/directory'
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/examples/xmexample2
--- a/tools/examples/xmexample2 Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/examples/xmexample2 Thu Jan 17 15:13:40 2008 +0000
@@ -171,7 +171,7 @@ root = "/dev/sda1 ro"
# Root device for nfs.
#root = "/dev/nfs"
# The nfs server.
-#nfs_server = '169.254.1.0'
+#nfs_server = '192.0.2.1'
# Root directory on the nfs server.
#nfs_root = '/full/path/to/root/directory'
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/python/xen/sv/CreateDomain.py
--- a/tools/python/xen/sv/CreateDomain.py Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/python/xen/sv/CreateDomain.py Thu Jan 17 15:13:40 2008 +0000
@@ -103,10 +103,10 @@ class CreatePage4( Sheet ):
Sheet.__init__( self, urlWriter, "Network settings", 4 )
self.addControl( ListControl( 'dhcp', [('off', 'No'), ('dhcp',
'Yes')], 'Use DHCP:' ) )
self.addControl( InputControl( 'hostname', 'hostname', 'VM Hostname:'
) )
- self.addControl( InputControl( 'ip_addr', '1.2.3.4', 'VM IP Address:'
) )
+ self.addControl( InputControl( 'ip_addr', '192.168.1.1', 'VM IP
Address:' ) )
self.addControl( InputControl( 'ip_subnet', '255.255.255.0', 'VM
Subnet Mask:' ) )
- self.addControl( InputControl( 'ip_gateway', '1.2.3.4', 'VM Gateway:'
) )
- self.addControl( InputControl( 'ip_nfs', '1.2.3.4', 'NFS Server:' ) )
+ self.addControl( InputControl( 'ip_gateway', '192.168.1.1', 'VM
Gateway:' ) )
+ self.addControl( InputControl( 'ip_nfs', '192.168.1.1', 'NFS Server:'
) )
class CreateFinish( Sheet ):
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/python/xen/xm/create.py
--- a/tools/python/xen/xm/create.py Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/python/xen/xm/create.py Thu Jan 17 15:13:40 2008 +0000
@@ -886,7 +886,7 @@ def preprocess_access_control(vals):
def preprocess_ip(vals):
if vals.ip or vals.dhcp != 'off':
- dummy_nfs_server = '1.2.3.4'
+ dummy_nfs_server = '127.0.255.255'
ip = (vals.ip
+ ':' + (vals.nfs_server or dummy_nfs_server)
+ ':' + vals.gateway
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/python/xen/xm/tests/test_create.py
--- a/tools/python/xen/xm/tests/test_create.py Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/python/xen/xm/tests/test_create.py Thu Jan 17 15:13:40 2008 +0000
@@ -68,7 +68,7 @@ disk = ['phy:/dev/virt-blkdev-backend/do
disk = ['phy:/dev/virt-blkdev-backend/dom1,sda1,w',
'phy:/dev/virt-blkdev-backend/usr,sda2,r']
root = "/dev/sda1 ro"
-extra = " profile=1 GATEWAY=10.0.1.254 NETMASK=255.255.0.0 IPADDR=10.0.134.1
HOSTNAME=dom1"
+extra = " profile=1 GATEWAY=192.0.2.254 NETMASK=255.255.255.0 IPADDR=192.0.2.1
HOSTNAME=dom1"
on_poweroff = 'destroy'
on_reboot = 'destroy'
on_crash = 'destroy'
@@ -83,7 +83,7 @@ on_crash = 'destroy'
'vcpus' : 4,
'nics' : -1,
'root' : '/dev/sda1 ro',
- 'extra' : ' profile=1 GATEWAY=10.0.1.254
NETMASK=255.255.0.0 IPADDR=10.0.134.1 HOSTNAME=dom1',
+ 'extra' : ' profile=1 GATEWAY=192.0.2.254
NETMASK=255.255.255.0 IPADDR=192.0.2.1 HOSTNAME=dom1',
'on_poweroff' : 'destroy',
'on_reboot' : 'destroy',
'on_crash' : 'destroy',
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/vnet/doc/man/vn.pod.1
--- a/tools/vnet/doc/man/vn.pod.1 Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/vnet/doc/man/vn.pod.1 Thu Jan 17 15:13:40 2008 +0000
@@ -48,9 +48,9 @@ to them and test connectivity without an
to them and test connectivity without any vms running.
For example, using vnif0004 on machines A and B:
- A> ifconfig vnif0004 10.0.0.11
- B> ifconfig vnif0004 10.0.0.12
- B> ping 10.0.0.11
+ A> ifconfig vnif0004 192.0.2.11
+ B> ifconfig vnif0004 192.0.2.12
+ B> ping 192.0.2.11
If the vnet device is enslaved to a bridge you will have to add the IP address
to the bridge instead. Use C<brctl show> or C<vn vnets> to see if a vnet
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/vnet/doc/vnet-xend.txt
--- a/tools/vnet/doc/vnet-xend.txt Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/vnet/doc/vnet-xend.txt Thu Jan 17 15:13:40 2008 +0000
@@ -108,19 +108,19 @@ It should also show in 'brctl show', wit
It should also show in 'brctl show', with its attached interfaces.
You can 'see into' a vnet from dom0 if you put an IP address on the bridge.
-For example, if you have vnet97 and a vm with ip addr 10.0.0.12 connected to
it,
+For example, if you have vnet97 and a vm with ip addr 192.0.2.12 connected to
it,
then
-ifconfig vnet97 10.0.0.20 up
+ifconfig vnet97 192.0.2.20 up
-should let you ping 10.0.0.12 via the vnet97 bridge.
+should let you ping 192.0.2.12 via the vnet97 bridge.
4) Examples
-----------
These assume a vnet with a bridge 'vnet97' has been created.
-Here's the full config for a vm on vnet 97, using ip addr 10.0.0.12:
+Here's the full config for a vm on vnet 97, using ip addr 192.0.2.12:
(vm
(name dom12)
@@ -130,7 +130,7 @@ Here's the full config for a vm on vnet
(image
(linux
(kernel /boot/vmlinuz-2.6-xenU)
- (ip 10.0.0.12:1.2.3.4::::eth0:off)
+ (ip 192.0.2.12:192.0.2.4::::eth0:off)
(root /dev/sda1)
(args 'rw fastboot 4')
)
@@ -149,7 +149,7 @@ If you run another vm on the same vnet:
(image
(linux
(kernel /boot/vmlinuz-2.6-xenU)
- (ip 10.0.0.11:1.2.3.4::::eth0:off)
+ (ip 192.0.2.11:192.0.2.4::::eth0:off)
(root /dev/sda1)
(args 'rw fastboot 4')
)
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/xm-test/Writing_Tests_HOWTO
--- a/tools/xm-test/Writing_Tests_HOWTO Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/xm-test/Writing_Tests_HOWTO Thu Jan 17 15:13:40 2008 +0000
@@ -104,12 +104,14 @@ a bridging environment. Xm-test currentl
a bridging environment. Xm-test currently only supports a range of
IPs, the dhcp feature will be added soon.
-The network tests will need to know what IPs to use. IPs are configured
-when you build xm-test. Xm-test uses the zeroconf address range by
-default, 169.254.0.1-169.254.255.255. If you'd like to set a new range,
-do so at configure time, a netmask and network address must also be defined:
+The network tests will need to know what IPs to use. IPs are
+configured when you build xm-test. Xm-test by default a range chosen
+at random from the RFC1918 private use space, and published at
+www.ucam.org/cam-grin, 172.30.206.1-172.30.206.254 from
+172.30.206.0/24. If you'd like to set a new range, do so at configure
+time, a netmask and network address must also be defined:
- # ./configure --with-net-ip-range=192.168.1.1-192.168.1.100
--with-network-address=192.168.1.0 --with-netmask=255.255.255.0
+ # ./configure --with-net-ip-range=192.0.2.1-192.0.2.100
--with-network-address=192.0.2.0 --with-netmask=255.255.255.0
The tests will not need to set network information, this is done by
the library once it's configured.
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/xm-test/configure.ac
--- a/tools/xm-test/configure.ac Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/xm-test/configure.ac Thu Jan 17 15:13:40 2008 +0000
@@ -56,24 +56,24 @@ fi
fi
# Network needs to know ips to use: dhcp or a range of IPs in the form
-# of: 192.168.1.1-192.168.1.100
+# of: 192.0.2.1-192.0.2.100
# If not dhcp, a netmask and network address must be supplied. Defaults to
-# zeroconf range.
-NET_IP_RANGE="169.254.0.1-169.254.255.255"
+# range allocated in www.ucam.org/cam-grin.
+NET_IP_RANGE="172.30.206.1-172.30.206.254"
AC_ARG_WITH(net-ip-range,
- [ --with-net-ip-range=ip-range Set a range of ip addresses to use for
xm-test guest domain networks. Can specify dhcp or a range of IPs:
192.168.1.1-192.168.1.100 [[default="169.254.0.1-169.254.255.255"]]],
+ [ --with-net-ip-range=ip-range Set a range of ip addresses to use for
xm-test guest domain networks. Can specify dhcp or a range of IPs:
192.0.2.1-192.0.2.100 [[default="172.30.206.1-172.30.206.254"]]],
[ NET_IP_RANGE="$withval" ])
iprange=`echo $NET_IP_RANGE | perl -e 'while(<>) { print if
/\d+\.\d+\.\d+\.\d+-\d+\.\d+\.\d+\.\d+/ }'`
-NETWORK_ADDRESS="169.254.0.0"
+NETWORK_ADDRESS="172.30.206.0"
AC_ARG_WITH(network-address,
- [ --with-network-address=ip Set network address to use with ip range
[[default="169.254.0.0"]]],
+ [ --with-network-address=ip Set network address to use with ip range
[[default="172.30.206.0"]]],
[ NETWORK_ADDRESS="$withval" ])
-NETMASK="255.255.0.0"
+NETMASK="255.255.255.0"
AC_ARG_WITH(netmask,
- [ --with-netmask=mask Set netmask to use with ip range
[[default="255.255.0.0"]]],
+ [ --with-netmask=mask Set netmask to use with ip range
[[default="255.255.255.0"]]],
[ NETMASK="$withval" ])
if test "x$NET_IP_RANGE" != "xdhcp" && test -z "$iprange"
diff -r 2d9a8a4d7e73 -r 33dcf04d7715 tools/xm-test/lib/XmTestLib/NetConfig.py
--- a/tools/xm-test/lib/XmTestLib/NetConfig.py Thu Jan 17 15:11:22 2008 +0000
+++ b/tools/xm-test/lib/XmTestLib/NetConfig.py Thu Jan 17 15:13:40 2008 +0000
@@ -69,12 +69,6 @@ def getXendNetConfig():
configfile.close()
return netenv
-def checkZeroconfAddresses():
- # Make sure there aren't existing zeroconf addresses.
- rc, out = traceCommand("ip addr show |grep \"inet 169.254\" | grep eth0")
- if rc == 0:
- raise NetworkError("Zeroconf addresses already used: %s" % out)
-
class NetConfig:
def __init__(self):
@@ -100,9 +94,6 @@ class NetConfig:
self.min_ip = ips[0]
self.__setMaxNumberIPs()
-
- if self.network == "169.254.0.0":
- checkZeroconfAddresses()
# Clean out any aliases in the network range for dom0's interface.
# If an alias exists, a test xendevice add command could fail.
diff -r 2d9a8a4d7e73 -r 33dcf04d7715
tools/xm-test/tests/restore/04_restore_withdevices_pos.py
--- a/tools/xm-test/tests/restore/04_restore_withdevices_pos.py Thu Jan 17
15:11:22 2008 +0000
+++ b/tools/xm-test/tests/restore/04_restore_withdevices_pos.py Thu Jan 17
15:13:40 2008 +0000
@@ -48,11 +48,11 @@ try:
if run["return"] != 0:
FAIL("Unable to write to block device hdb2!")
- run = console.runCmd("ifconfig eth0 169.254.0.1 netmask 255.255.255.0")
+ run = console.runCmd("ifconfig eth0 172.30.206.1 netmask 255.255.255.240")
if run["return"] != 0:
FAIL("Unable to configure DomU's eth0")
- run = console.runCmd("ifconfig eth1 169.254.1.1 netmask 255.255.255.0")
+ run = console.runCmd("ifconfig eth1 172.30.206.17 netmask 255.255.255.240")
if run["return"] != 0:
FAIL("Unable to configure DomU's eth1")
@@ -114,11 +114,11 @@ try:
run = console.runCmd("ifconfig")
if not re.search("eth0", run["output"]):
FAIL("DomU's eth0 disappeared")
- if not re.search("169.254.0.1", run["output"]):
+ if not re.search("172.30.206.1", run["output"]):
FAIL("DomU's eth0 lost its IP")
if not re.search("eth1", run["output"]):
FAIL("DomU's eth1 disappeared")
- if not re.search("169.254.1.1", run["output"]):
+ if not re.search("172.30.206.17", run["output"]):
FAIL("DomU's eth1 lost its IP")
if not re.search("Loopback", run["output"]):
FAIL("DomU's lo disappeared")
diff -r 2d9a8a4d7e73 -r 33dcf04d7715
tools/xm-test/tests/xapi/03_xapi-network_pos.py
--- a/tools/xm-test/tests/xapi/03_xapi-network_pos.py Thu Jan 17 15:11:22
2008 +0000
+++ b/tools/xm-test/tests/xapi/03_xapi-network_pos.py Thu Jan 17 15:13:40
2008 +0000
@@ -39,18 +39,18 @@ if status:
# Configure IP addresses on two domains
try:
# Run 'ls'
- run = console1.runCmd("ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up")
- run = console2.runCmd("ifconfig eth0 192.168.0.2 netmask 255.255.255.0 up")
+ run = console1.runCmd("ifconfig eth0 172.30.206.1 netmask 255.255.255.0
up")
+ run = console2.runCmd("ifconfig eth0 172.30.206.2 netmask 255.255.255.0
up")
except ConsoleError, e:
saveLog(console.getHistory())
FAIL(str(e))
# Now ping...
try:
- run = console1.runCmd("ping -c 4 192.168.0.2")
+ run = console1.runCmd("ping -c 4 172.30.206.2")
if run['return'] > 0:
FAIL("Could not ping other host")
- run = console2.runCmd("ping -c 4 192.168.0.1")
+ run = console2.runCmd("ping -c 4 172.30.206.1")
if run['return'] > 0:
FAIL("Could not pint other host")
except ConsoleError, e:
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|