Re: [Xen-users] Virtual network disconnect?

["Dirk H. Schulz" <dirk.schulz@xxxxxxxxxxxxx>]

Hi Hardy,

Hardy schrieb:

> Hi Dirk :)
>
> > a) in which direction does the download go (from domU to net, from 
> net to domU, from dom0 to net, ....)?
> From domU to net. A service (here: webserver) offers files to download 
> (like a fileserver). If a user (like me at home) downloads the file 
> the breakdown happens.
> > b) did you setup iptables manually or do you use something like 
> shorewall for that?
> I set up them manually within a script like that:
> $ipt -t nat -A PREROUTING -d $external_ip -p tcp --dport 80 -j DNAT 
> --to 192.168.1.5
> (packet-forwarding enabled)
>
> > c) what exactly is script-nat?
> I think XEN3's nat is like the network in XEN2. New to XEN3 is 
> bridging and routing, but i don't use them.
There is bridging and routing with Xen 2.x as well. I use it a lot.

> every domU has a vifx.y in dom0's address space and its own IP, but 
> there is automatically routing/natting between them.
> > d) did you test if connection is reopened after some time (5 
> minutes, one hour, etc.)?
> No, I didn't. How to do that? Why should the connection reopens itself 
> in a natted net?
Just to make sure you did not set up intrusion detection (e. g. snort 
inline) which cuts down on network connections if traffic reaches a 
threshold limit. Something like that.
I think it cannot be a problem of your general networking concept since 
it works with smaller downloads. So there is either a problem with your 
kernel or a feature you do not remember setting up. :-)
Have you tested the same with a different protocol (let's say ftp or 
sftp or smb ...) so make sure the problem is not on the application layer?
Dirk

> Thx for answering,
> Hardy
>
> At 08:58 19.04.2006, Dirk H. Schulz wrote:
>
> > Hi Hardy,
> >
> > Hardy Wolf schrieb:
> >
> > > Hi,
> > >
> > > I have a XEN 3.0.1 - Debian Sarge (Rootserver). There is a dom0 with 
> > > connection to the internet (WAN-IP) and a domU with a local IP 
> > > (192.168.x.y). The network is forwarded with iptables and script-nat.
> > > All works fine until someone downloads a big file (last test ~100 
> > > MB). Suddenly the connection is lost. By checking all circumstances 
> > > I noticed that XEN is no longer able to send packets to the domU. 
> > > The connection from virtual to the real network is broken.
> > > How can I fix that?
> > > Does anybody know that problem?
> > >
> > > In XEN 2.0.7 I had that problem, too.
> > I think I have a similar setup with Xen 2.0.7, but not the same problem.
> >
> > Just to make things clear:
> > a) in which direction does the download go (from domU to net, from 
> > net to domU, from dom0 to net, ....)?
> > b) did you setup iptables manually or do you use something like 
> > shorewall for that?
> > c) what exactly is script-nat?
> > d) did you test if connection is reopened after some time (5 minutes, 
> > one hour, etc.)?
> > Dirk
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users