WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Xen on production enviroment

To: "John A. Sullivan III" <jsullivan@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Xen-users] Xen on production enviroment
From: Tim Durack <tdurack@xxxxxxxxx>
Date: Sun, 11 Sep 2005 21:07:54 -0400
Cc: xen-users@xxxxxxxxxxxxxxxxxxx, willmerstrog@xxxxxxxxxxxx
Delivery-date: Mon, 12 Sep 2005 01:05:49 +0000
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:references; b=lnUrB1396qshyiDxj0AkCMVn9rO2Iw92RSmDlPPrwnqnZoM/2pRSPjTkuapLdZ3707SftRqJGNvHPILgZezKlzyUBD2LPKr6+9gSMmokhBp2ngaRo5rAGRN2VaTl/sP9nMU0+untq1g6yHAKKGv5dB8thsuqz8cD0mZ1splgBrA=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <9e246b4d05090712146abc28d2@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <9e246b4d0509070707435ebefd@xxxxxxxxxxxxxx> <1126105247.8286.32.camel@localhost> <9e246b4d0509070839667ab104@xxxxxxxxxxxxxx> <9e246b4d05090712146abc28d2@xxxxxxxxxxxxxx>
Reply-to: tdurack@xxxxxxxxx
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Same thing doesn't work on a tg3 based system. Perhaps a driver bug?

Might explain why Ramiro is having problems too.

Tim:>

On 9/7/05, Tim Durack <tdurack@xxxxxxxxx> wrote:
Okay, I'll eat my words (just not my hat yet):

guest> ethtool -K eth0 tx off

fixed the checksum problem (at least on my system with an e100 driver.)

I'll try it again on my tg3 based system. I will eat my hat if it works there...

Apologies if I mislead anyone.

Tim:>



On 9/7/05, Tim Durack <tdurack@xxxxxxxxx > wrote:
Tried various combinations of disabling offloading using ethtool. Hasn't worked for me so far.

Tim:>


On 9/7/05, John A. Sullivan III < jsullivan@xxxxxxxxxxxxxxxxxxx> wrote:
On Wed, 2005-09-07 at 10:07 -0400, Tim Durack wrote:
> > I tried every possible network setup, routed, bridged-new, bridged-old,
> > all to no avail. I ended up with the old style bridged setup because it
> > was the last one I tried.
>
> > Everything else works, I evenhave a DHCP server in one of the guest
>
> > domains, which serves machines on a different subnet from the rest of
> > the machines, and everything works fine (as it was before), but I
> > cannot, for instance, ssh from Domain_0 to a guest domain.
>
>
> > I can ssh to anyother machine and ssh back to the guest domain from
> > there, and it works fine, only the direct connection fails, it hangs
> > never completes. I even used ethereal to try to figure what was going
>
> > on, but couldn't find anything, the connection just hangs there waiting
> > for a packet that never arrives.
>
> Sounds like the problem I have been experiencing.
>
> If you examine your packet capture carefully on the failed connections, you will probably see some transport layer checksum errors (tcp/udp.)
>
>
> If you want a routed setup, a workaround is to build gre tunnels over the top of the Dom0 vifX.0 <-> guest eth0 links.
>
> The new style bridged setup works, with the apparent limitation that Dom0 can now only be attached to one bridge group.
>
>
> If I remember correctly, vif0.0 should be bridged with vifX.0. veth0 should be assigned an appropriate address for your network.
> Dom0 veth0 is the equivalent of eth0 in a guest, vif0.0 being the matching end of the virtual link.
>
>
> Outside network access should work if you bridge eth0 in the same bridge group. Have fun if you want to run a firewall...
>
> Tim:>
<snip>
Hmmm . . . I'll take a stab in the dark at this.  I've seen those types
of errors with checksum offloading.  Someone on this list in reply to a
problem I was having mentioned that unstable implements checksum
offloading.  What happens if you disable it? - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@xxxxxxxxxxxxxxxxxxx

If you would like to participate in the development of an open source
enterprise class network security management system, please visit
http://iscs.sourceforge.net




_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users