| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
Re: [Xen-users] Xen with 'Routing' scripts
Am Freitag, den 15.04.2005, 09:20 +0200 schrieb Roland Paterson-Jones:
> Hi
>
> I had a brief look at the routing scripts in /etc/xen/scripts.
> Essentially the main script turns on ip forwarding in dom-0, and the
> dom-U vif script seems to configure a 169.254.1.0 address for each vif
> (auto-configure address, I think), then enable proxy ARP on the vif.
>
> Some questions: How do remote machines pick up routing information for
> the dom-U's? Do I have to run a routing protocol in dom-0 (maybe with
> zebra) so that remote machines can 'see' the dom-U's?
Depends on network configuration: If you use bridging or proxy-arp or
NAT that's not necessary. If not, routes can be configured statically
into remote machines or dynamically via routing protocals like RIP or
OSPF.
This is not a Xen-specific question, look around for networking howtos.
> Could someone maybe explain the details of the ifconfig <vif>
> 169.254.1.0 ...
>From RFC 3330 <http://www.faqs.org/rfcs/rfc3330.html>:
169.254.0.0/16 - This is the "link local" block. It is allocated for
communication between hosts on a single link. Hosts obtain these
addresses by auto-configuration, such as when a DHCP server may not
be found.
You may use random IPs in this range as a poor backup alternative to
dhcp. MS Windows and many devices like printers use such IPs if they
cannot find a dhcp server.
> and what the proxy ARP stuff does?
It kinda "pseudo-bridging". For example if your domU and your dom0 shall
use ips within the same IP prefix (say 192.168.1.0/24), and another
physical host is acting as default gateway (lets say dom0=192.168.1.2,
domU=192.168.1.3, gw=192.168.1.1), there are (at least) four
alternatives:
* DNAT all domU-services on dom0
iptables -t nat -A PREROUTING -j DNAT -d 192.168.1.2 \
--dport 80 --to-destination 192.168.1.3
* hostroutes for domU
gw# ip route add 192.168.1.3/32 via 192.168.1.2
dom0# ip route add 192.168.1.3/32 dev vif1.0
* bridging
* proxy-arp: When gw tries to send an IP packet to domU it thinks domU
is link-local, so it tries to resolve 192.168.1.3 to a MAC address by
ARP-request. But that ARP-request can never reach domU (it's not
bridged). Now
ip route add 192.168.1.3/32 dev vif1.0
sysctl -w net.ipv4.conf.eth0.proxy_arp=1
(or has it to be "net.ipv4.conf.vif1.0.proxy_arp"?) tells dom0 to
reply to that ARP-request with dom0's MAC-address on behalf of domU.
A better way to do proxyarp are static arp entries:
<http://www.tldp.org/HOWTO/Proxy-ARP-Subnet/index.html>
So the xen-script 169.254.0.0/16 ips plus proxyarp on vif* is probably
for automagical inter-domU-communication.
/nils.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
| |
|
Home