Thank you,
I found my error.
The bridge (xen-br0)needs an ip (maybe the same like the interface in dom0)
and
you routes must point to the bridge (xen-br0) and not to eth0.
My right configuration:
eth0 Protokoll:Ethernet Hardware Adresse 00:A0:CC:D6:48:C2
inet Adresse:192.168.1.2 Bcast:192.168.1.255 Maske:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1320 Metric:1
lo Protokoll:Lokale Schleife
inet Adresse:127.0.0.1 Maske:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
vif1.0 Protokoll:Ethernet Hardware Adresse FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
xen-br0 Protokoll:Ethernet Hardware Adresse 00:A0:CC:D6:48:C2
inet Adresse:192.168.1.2 Bcast:192.168.1.255 Maske:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1320 Metric:1
Kernel IP Routentabelle
Ziel Router Genmask Flags Metric Ref Use
Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0
xen-br0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 xen
Ralf
Ralf Lübben wrote:
> Hello,
>
> here are all the information:
>
> Routingtable:
>
> devel:~# route -n
> Kernel IP Routentabelle
> Ziel Router Genmask Flags Metric Ref Use
> Iface
> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth0 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0
> 0 eth0
>
---------------------------------------------------------------------------
> Bridgetable:
>
> devel:~# brctl show
> bridge name bridge id STP enabled interfaces
> xen-br0 8000.00a0ccd648c2 no eth0
>
> vif1.0
>
----------------------------------------------------------------------------
> Iptables:
>
> devel:~# iptables -L
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
>
----------------------------------------------------------------------------
> ifconfig dom0:
> devel:~# ifconfig
> eth0 Protokoll:Ethernet Hardware Adresse 00:A0:CC:D6:48:C2
> inet Adresse:192.168.1.2 Bcast:192.168.1.255 Maske:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1320 Metric:1
> RX packets:8 errors:0 dropped:0 overruns:0 frame:0
> TX packets:110 errors:0 dropped:0 overruns:0 carrier:0
> Kollisionen:0 Sendewarteschlangenl�ge:1000
> RX bytes:1284 (1.2 KiB) TX bytes:5335 (5.2 KiB)
> Interrupt:11 Basisadresse:0xd400
>
> lo Protokoll:Lokale Schleife
> inet Adresse:127.0.0.1 Maske:255.0.0.0
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:708 errors:0 dropped:0 overruns:0 frame:0
> TX packets:708 errors:0 dropped:0 overruns:0 carrier:0
> Kollisionen:0 Sendewarteschlangenl�ge:0
> RX bytes:105477 (103.0 KiB) TX bytes:105477 (103.0 KiB)
>
> vif1.0 Protokoll:Ethernet Hardware Adresse FE:FF:FF:FF:FF:FF
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:102 errors:0 dropped:0 overruns:0 frame:0
> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> Kollisionen:0 Sendewarteschlangenl�ge:0
> RX bytes:4284 (4.1 KiB) TX bytes:0 (0.0 b)
>
> xen-br0 Protokoll:Ethernet Hardware Adresse 00:A0:CC:D6:48:C2
> UP BROADCAST RUNNING MULTICAST MTU:1320 Metric:1
> RX packets:102 errors:0 dropped:0 overruns:0 frame:0
> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> Kollisionen:0 Sendewarteschlangenl�ge:0
> RX bytes:2856 (2.7 KiB) TX bytes:0 (0.0 b)
>
----------------------------------------------------------------------------
> ifconfig dom1:
> R-VPNGateway1:~# ifconfig
> eth0 Protokoll:Ethernet Hardware Adresse AA:00:00:51:6B:CA
> inet
> Adresse:192.168.1.10 Bcast:192.168.1.255 Maske:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:131 errors:0 dropped:0 overruns:0 carrier:0
> Kollisionen:0 Sendewarteschlangenl�ge:1000
> RX bytes:0 (0.0 b) TX bytes:5502 (5.3 KiB)
>
> lo Protokoll:Lokale Schleife
> inet Adresse:127.0.0.1 Maske:255.0.0.0
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:109 errors:0 dropped:0 overruns:0 frame:0
> TX packets:109 errors:0 dropped:0 overruns:0 carrier:0
> Kollisionen:0 Sendewarteschlangenl�ge:0
> RX bytes:9940 (9.7 KiB) TX bytes:9940 (9.7 KiB)
>
> --------------------------------------------------------------------
> ping from dom0 -> dom1:
> devel:~# ping 192.168.1.10
> PING 192.168.1.10 (192.168.1.10) 56(84) bytes of data.
>>From 192.168.1.2 icmp_seq=1 Destination Host Unreachable
>>From 192.168.1.2 icmp_seq=2 Destination Host Unreachable
>>From 192.168.1.2 icmp_seq=3 Destination Host Unreachable
>
>
> --- 192.168.1.10 ping statistics ---
> 5 packets transmitted, 0 received, +3 errors, 100% packet loss, time
> 4028ms , pipe 3
> ------------------------------------------------------------------
> ping from dom0 -> dom1:
> R-VPNGateway1:~# ping 192.168.1.2
> PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
>>From 192.168.1.10 icmp_seq=1 Destination Host Unreachable
>>From 192.168.1.10 icmp_seq=2 Destination Host Unreachable
>>From 192.168.1.10 icmp_seq=3 Destination Host Unreachable
>
> --- 192.168.1.2 ping statistics ---
> 4 packets transmitted, 0 received, +3 errors, 100% packet loss, time
> 3029ms , pipe 3
>
>
> Fernando Maior wrote:
>
>> On 5/17/05, andrew mathes <amathes@xxxxxxxxxxxx> wrote:
>>> first off, make sure of a few things, that your card is actually bound
>>> to your bridge, and iptables on domO isn't screwing with anything, ie,
>>> here is my dom0 info:
>>>
>>> $ sudo brctl show
>>> Password:
>>> bridge name bridge id STP enabled interfaces
>>> xen-br0 8000.001143fd756c no eth0 <---note
>>> vif1.0
>>> vif2.0
>>> vif3.0
>>> vif4.0
>>> xen-br1 8000.001143fd756d no eth3
>>> vif1.1
>>> vif2.1
>>> vif3.1
>>> vif4.1
>>> $ sudo iptables --list
>>> Chain INPUT (policy ACCEPT)
>>> target prot opt source destination
>>>
>>> Chain FORWARD (policy ACCEPT) <----- note
>>> target prot opt source destination
>>>
>>> Chain OUTPUT (policy ACCEPT)
>>> target prot opt source destination
>>>
>>> i had to set up my networking myself, look in archives from me for my
>>> configs on that. (especially to get eth0 bound to xen-br0 consistently.
>>>
>>> On Tue, 17 May 2005, Ralf Lübben wrote:
>>>
>>> > Hello,
>>> >
>>> > I have the same problem. Is there a possibility that the
>>> > domains could communicate over the bridge?
>>> > I had a look with ethereal on the traffic. There are no are responses
>>> > for the requests.
>>> >
>>> > Thanks.
>>> > Ralf Lübben
>>> >
>>> >
>>> > Brian Bisaillon wrote:
>>> >
>>> >> xm list reveals the following information...
>>> >>
>>> >> Name Id Mem(MB) CPU State Time(s)
>>> >> Console
>>> >> Domain-0 0 315 0 r---- 2058.1
>>> >> Domain-1 11 342 0 -b--- 5.2
>>> >> 9611
>>> >> Domain-2 12 342 0 -b--- 3.9
>>> >> 9612
>>> >>
>>> >> Xen seems to be working beautifully but I have not yet
>>> >> figured out how to get Domain-0 to ping both Domain-1
>>> >> and Domain-2, how to get Domain-1 to ping both
>>> >> Domain-0 and Domain-2 and how to get Domain-2 to ping
>>> >> both Domain-0 and Domain-1.
>>> >>
>>> >> brctl show reveals the following information...
>>> >>
>>> >> bridge name bridge id STP enabled
>>> >> interfaces
>>> >> xen-br0 8000.feffffffffff no
>>> >> vif13.0
>>> >>
>>> >> vif14.0
>>> >>
>>> >> ifconfig vif13.0 reveals the following information...
>>> >>
>>> >> vif13.0 Link encap:Ethernet HWaddr
>>> >> FE:FF:FF:FF:FF:FF
>>> >> inet6 addr: fe80::fcff:ffff:feff:ffff/64
>>> >> Scope:Link
>>> >> UP BROADCAST RUNNING MULTICAST MTU:1500
>>> >> Metric:1
>>> >> RX packets:7 errors:0 dropped:0 overruns:0
>>> >> frame:0
>>> >> TX packets:0 errors:0 dropped:6 overruns:0
>>> >> carrier:0
>>> >> collisions:0 txqueuelen:0
>>> >> RX bytes:502 (502.0 b) TX bytes:0 (0.0 b)
>>> >>
>>> >> ifconfig vif14.0 reveals the following information...
>>> >>
>>> >> vif14.0 Link encap:Ethernet HWaddr
>>> >> FE:FF:FF:FF:FF:FF
>>> >> inet6 addr: fe80::fcff:ffff:feff:ffff/64
>>> >> Scope:Link
>>> >> UP BROADCAST RUNNING MULTICAST MTU:1500
>>> >> Metric:1
>>> >> RX packets:7 errors:0 dropped:0 overruns:0
>>> >> frame:0
>>> >> TX packets:0 errors:0 dropped:6 overruns:0
>>> >> carrier:0
>>> >> collisions:0 txqueuelen:0
>>> >> RX bytes:502 (502.0 b) TX bytes:0 (0.0 b)
>>> >>
>>> >> ifconfig xen-br0 reveals the following information...
>>> >>
>>> >> xen-br0 Link encap:Ethernet HWaddr
>>> >> FE:FF:FF:FF:FF:FF
>>> >> inet addr:192.168.0.1 Bcast:192.168.3.255
>>> >> Mask:255.255.255.255
>>> >> BROADCAST MULTICAST MTU:1500 Metric:1
>>> >> RX packets:0 errors:0 dropped:0 overruns:0
>>> >> frame:0
>>> >> TX packets:1 errors:0 dropped:0 overruns:0
>>> >> carrier:0
>>> >> collisions:0 txqueuelen:0
>>> >> RX bytes:0 (0.0 b) TX bytes:86 (86.0 b)
>>> >>
>>> >> ifconfig eth0 reveals the following information...
>>> >>
>>> >> eth0 Link encap:Ethernet HWaddr
>>> >> AA:00:00:00:00:11
>>> >> inet addr:192.168.0.2 Bcast:192.168.3.255
>>> >> Mask:255.255.252.0
>>> >> inet6 addr: fe80::a800:ff:fe00:11/64
>>> >> Scope:Link
>>> >> UP BROADCAST RUNNING MULTICAST MTU:1500
>>> >> Metric:1
>>> >> RX packets:0 errors:0 dropped:0 overruns:0
>>> >> frame:0
>>> >> TX packets:10 errors:0 dropped:0 overruns:0
>>> >> carrier:0
>>> >> collisions:0 txqueuelen:1000
>>> >> RX bytes:0 (0.0 b) TX bytes:628 (628.0 b)
>>> >>
>>> >> Did you notice that both eth0 and xen-br0 have the
>>> >> same IP address information?
>>> >>
>>> >> If I try to ping 192.168.0.1 from Domain-1 or
>>> >> Domain-2, it fails.
>>> >>
>>> >> Domain-1 has an IP address for its eth0 of 192.168.0.2
>>> >> and Domain-2 has an IP address for eth0 of 192.168.0.3
>>> >> and if I try to ping 192.168.0.2 from Domain-2 or ping
>>> >> 192.168.0.3 from Domain-1, it also fails.
>>> >>
>>> >> Finally, trying to ssh to 192.168.0.2 or 192.168.0.3
>>> >> from Domain-0 fails. I am using Suse 9.3 and my guest
>>> >> OSes are also Suse 9.3. Any help would be greatly
>>> >> appreciated. I have never used bridge utils in Linux
>>> >> before although I have use ip route and iptables
>>> >> extensively. I have never used VLANs under Linux yet
>>> >> either although I want to try that out eventually.
>>> >>
>>> >> Thanks!
>>
>> Hi,
>>
>> If you look at "ifconfig xen-br0" output, you will see that
>> the bridge is not up nor running. Please, issue the command
>> "ifconfig xen-br0 up" and see if it starts running/up.
>>
>> I recommend you to try looking at the scripts in /etc/xen/scripts,
>> specially the one that takes care of the bridges, there are certain
>> commands that I do not remember exactly, and they are key to
>> success with bridges. They begin with brctl command.
>>
>> I already have a script developed for creating and configuring
>> my bridges (about 5) and everything is working fine after I
>> developed that script. If you want, I can send you the script.
>>
>> Not today, because I am at home, and do not have access to
>> the scripts :(
>>
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
Home