WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] Re: xen nat problems

Hi Jason,

I'm CC'ing xen-users list for the sake of the archives. ;)

Yes, I've found a solution ...

Just one note, in my setup, I don't assign any IP address to the bridges
interfaces, instead I use the vethX ones, attached to the bridge (IMHO
the way that it should be).

So adding :

iptables -t raw -A PREROUTING -i [bridge_interface_here] -j NOTRACK

would fix the problem.

I haven't looked too deeply, but seems that even if you don't have an ip
address assigned to the bridges interfaces, as soon as one package
passes through them, it creates an entry in ip_conntrack, which messes
everything later. By adding a NOTRACK on any package comming from the
bridges interfaces solves the problem (since as I've said that I don't
assign ip address to them, but uses the netloop module - vethX
interfaces).

I hope that solves your problem.

Cheers,

Theo Diem

On Sun, 2007-04-15 at 15:26 -0500, Jason Pepas wrote:
> Hello,
> 
> Did you ever find a solution to the problem described at
> 
> http://lists.xensource.com/archives/html/xen-users/2006-10/msg00357.html
> 
> and
> 
> http://lists.xensource.com/archives/html/xen-users/2006-10/msg00755.html
> 
> I am trying to setup a similar internal network of Xen servers on my
> laptop, but I am stymied by NAT not working. 
> 
> Thanks,
> Jason Pepas


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] Re: xen nat problems, Theo Cabrerizo Diem <=