WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] mac spoofing

To: "Heiko.Garrelfs" <Heiko.Garrelfs@xxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] mac spoofing
From: Ales Jagodnik <ales.jagodnik@xxxxxxxxxxxx>
Date: Mon, 22 May 2006 20:31:30 +0200
Delivery-date: Mon, 22 May 2006 11:32:13 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <20060522182511.GA13755@xxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Organization: Interseek, Noviforum
References: <446CC230.1080008@xxxxxx> <20060522182511.GA13755@xxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: KMail/1.9.1
As far as I know xen uses IANA reserved address in the form of 
00:16:3E:XX:XX:XX.
Try configuring dom0 with vif=[''] and use dhcp. You will that MAC address will 
have the above "manufacturer" address.


> On Thu, May 18, 2006 at 08:51:28PM +0200, Heiko.Garrelfs wrote:
> > My Rootserver stands at a hoster ( german 1und1 ), I run a debian sarge
> > and installed Xen 3 there latetly.
> > I booted the xen Kernel - everything ok.
> > However: when I started xend, the server instantly stopped responding.
> > My Hosters Support said, that was due to a sort of mac spoofing
> > protection in the switch, which disabled the Port, to which my server is
> > connected, because there arrived an unknown Mac Address from my Server
> > at the switchport.
> > 
> > ( btw: at that point,  I had not configured any domU's )
> > 
> > From the Xen Docs I understand that the bridge gets the mac from eth0
> > which is then diabled.
> > 
> > So - I dont understand where the 'spoofed' Mac is coming from - at least
> > as long I have no domU running.
> 
> I don't know where the packets are coming from either.  But see below.
> 
> > ( I dont want to use NAT: I have two IPs ( only one NIC )for the Server
> > and want the dom0 and one domU to run on one IP each. )
> 
> Have you tried the routed network configuration?  That should avoid the
> problem of spoofed MAC addresses, since it doesn't use the bridging
> code, and should configure Dom-0 to use proxy ARP so that all your IP
> addresses will be accessible to the outside using your original MAC
> address.
> 

Attachment: pgpfzMCWcFFyv.pgp
Description: PGP signature

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>