WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-users] Limited networking in domU using routed vif

from [Paul Gear] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] Limited networking in domU using routed vif
From: Paul Gear <paul@xxxxxxxxxxxxxxx>
Date: Sat, 23 Dec 2006 21:47:58 +1000
Delivery-date: Sat, 23 Dec 2006 03:48:54 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.7 (X11/20060915) 
Hi all,

I'm having a rather strange networking problem with the first domU in my
new Xen box.  I'm using Debian etch, kernel 2.6.18-3-xen-vserver-amd64,
with Xen 3.0.3 provided by Debian.

The symptoms of my problem are that the domU and dom0 can ping each
other and pass UDP traffic, but the domU cannot make outgoing TCP
connections, nor can the dom0 make TCP connections to the domU.

Hosts in use are:
        dom0    10.0.0.1
        domU    10.0.0.2
        nonxen  10.0.0.3
The LAN is a /24 subnet, and dom0 proxy ARP's domU's address on the LAN.

What works:

action          src     dest
------          ---     ----
ping            dom0    domU
ping            domU    dom0
ping            nonxen  domU
ping            domU    nonxen
snmpwalk        dom0    domU
snmpwalk        nonxen  domU
DNS lookup      domU    dom0

What doesn't work:

ssh             dom0    domU
ssh             domU    dom0
ssh             nonxen  domU
ssh             domU    nonxen
http            domU    nonxen

I've worked out that it isn't a packet size issue by increasing the ping
payload size in various increments up to 2048 bytes.

I'm using Shorewall, an iptables preprocessor, for my firewall (using
this document: http://shorewall.net/XenMyWay-Routed.html), but these
symptoms persist even when the firewall is cleared.

I've double-checked that ethtool -k shows tx off on all NICs in
question, including the vif that connects to my domU.

It just seems like TCP is somehow not functional on this domU.  Any
ideas on how i can get this it networking correctly?

-- 
Paul
<http://paulgear.webhop.net>
--
P.S.  Merry Christmas!  :-)

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] Limited networking in domU using routed vif, Paul Gear <=
Previous by Date:  Re: [Xen-users] AMD ATHLON 64 X2 5200+ AM2 and Supermicro H8SMA-2 A64/Opteron a good choice?, Nico Kadel-Garcia
Next by Date:  Re: [Xen-users] OpenBSD 4.0 HVM guest, Luca Corti
Previous by Thread:  [Xen-users] AMD ATHLON 64 X2 5200+ AM2 and Supermicro H8SMA-2 A64/Opteron a good choice?, Peter Peltonen
Next by Thread:  [Xen-users] Re: fedora core 6 domU on Opensuse 10.2 dom0 - fsck at each boot, bigfoot29
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy