xen-users
RE: [Xen-users] UPDATED xenbr0 doesn't have an IP (should it?!)
So now I am convinced that something in iptables and nat has gone
awry...but I am EXTREMELY weak on IPTABLES...
If I were to flush all dom0 iptables to start from scratch, what is a
bare minimum to allow for the following basic network architecture?
Gateway - 10.0.0.1
XenServer - 10.0.0.12
Virtual Server - 10.0.0.13
Anyone else on my network - 10.0.0.x
Thanks in advance!
/Stuart
-----Original Message-----
From: Stuart Rench
Sent: Friday, April 25, 2008 2:06 PM
To: Stuart Rench
Subject: RE: [Xen-users] xenbr0 doesn't have an IP (should it?!)
A little more info...
I may have isolated the root problem, but don't know the cause...
A 3rd party machine tries to arping and sees this in a tcpdump:
13:22:06.939437 arp who-has 10.0.0.13 tell 10.0.0.11
13:22:07.939442 arp who-has 10.0.0.13 tell 10.0.0.11
13:22:08.939446 arp who-has 10.0.0.13 tell 10.0.0.11
never any answers....10.0.0.12 (the host) who knows where 10.0.0.13 is
sees this in a tcpdump:
13:21:21.917162 arp who-has 10.0.0.13 tell 10.0.0.11
13:21:21.917201 arp reply 10.0.0.13 is-at 00:16:3e:5a:e7:02 (oui Unknown)
13:21:22.917172 arp who-has 10.0.0.13 tell 10.0.0.11
13:21:22.917209 arp reply 10.0.0.13 is-at 00:16:3e:5a:e7:02 (oui Unknown)
13:21:23.917169 arp who-has 10.0.0.13 tell 10.0.0.11
13:21:23.917203 arp reply 10.0.0.13 is-at 00:16:3e:5a:e7:02 (oui Unknown)
but if i arping 10.0.0.12 from 10.0.0.11, i see the response in
10.0.0.12:
13:22:31.683323 arp reply 10.0.0.12 is-at 00:1d:09:29:80:41 (oui Unknown)
so this leads me to believe that the host is routing (or blocking) the
fwding of arp....i turned iptables off and i don't see any change.
overview, 10.0.0.13 is my virtual host
10.0.0.12 is the Xen virtualization server
10.0.0.11 is a real server on the network....
-----Original Message-----
From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
[mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Stuart Rench
Sent: Friday, April 25, 2008 12:35 PM
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] xenbr0 doesn't have an IP (should it?!)
My domU cannot communicate with anything other than the dom0. The dom0
has no problems with any kind of communications.
I have seen some posts that imply that xenbr0 should have an IP address,
however, I cannot verify that.
What works:
Ping Dom0->DomU
Ping DomU->Dom0
SSH, etc Dom0->DomU
SSH, etc DomU->Dom0
Anything Dom0->(internet, intranet)
What doesn't Work:
Anything DomU->(internet, intranet, including gateway)
Some Information:
Dom0 IP: 10.0.0.12
DomU IP: 10.0.0.13
Gateway IP: 10.0.0.1
Below are some config and status snapshots:
[root@xen ~]# ifconfig
eth0      Link encap:Ethernet HWaddr 00:1D:09:29:80:41
          inet addr:10.0.0.12 Bcast:10.0.0.255 Mask:255.255.255.0
          inet6 addr: fe80::21d:9ff:fe29:8041/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:694 errors:0 dropped:0 overruns:0 frame:0
          TX packets:86 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:65309 (63.7 KiB) TX bytes:19087 (18.6 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:2211 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2211 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2625224 (2.5 MiB) TX bytes:2625224 (2.5 MiB)

peth0     Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
          RX packets:774 errors:0 dropped:0 overruns:0 frame:0
          TX packets:206 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:73258 (71.5 KiB) TX bytes:26937 (26.3 KiB)
          Interrupt:16 Memory:f8000000-f8012100

vif0.0    Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
          RX packets:98 errors:0 dropped:0 overruns:0 frame:0
          TX packets:700 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:21671 (21.1 KiB) TX bytes:65669 (64.1 KiB)

vif1.0    Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
          RX packets:129 errors:0 dropped:0 overruns:0 frame:0
          TX packets:532 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:3612 (3.5 KiB) TX bytes:45994 (44.9 KiB)

xenbr0    Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
          UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
          RX packets:650 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:52872 (51.6 KiB) TX bytes:0 (0.0 b)

[root@xen ~]# brctl show
bridge name     bridge id               STP enabled     interfaces
xenbr0          8000.feffffffffff       no              vif1.0
                                                        peth0
                                                        vif0.0

[root@xen ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match --physdev-in vif1.0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

[root@xen ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
default         10.0.0.1        0.0.0.0         UG    0      0        0 eth0

from everything I know, this looks like it should work.
Any ideas?
Thanks,
Stuart
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
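
Added example, not part of the original thread: the two tcpdump captures quoted above, compared programmatically to show at which hop the ARP exchange for 10.0.0.13 breaks. The verdict strings and function names are made up for illustration; the thread does not say which dom0 interface the second capture was taken on, so the result only localizes the loss to "after the host's capture point".

```python
import re
from collections import Counter

# tcpdump ARP lines in the text format shown in the thread.
ARP_RE = re.compile(
    r"\d\d:\d\d:\d\d\.\d+ arp (?:who-has (?P<target>\S+) tell \S+"
    r"|reply (?P<owner>\S+) is-at (?P<mac>[0-9a-f:]{17}))")

def summarize(capture):
    """Return (requests, replies) Counters keyed by the IP being resolved."""
    requests, replies = Counter(), Counter()
    for line in capture.splitlines():
        m = ARP_RE.match(line.strip())
        if m and m.group("target"):
            requests[m.group("target")] += 1
        elif m:
            replies[m.group("owner")] += 1
    return requests, replies

def locate_drop(requester_cap, host_cap, ip):
    """Compare what the asking machine and the bridge host saw for `ip`."""
    _, seen_by_requester = summarize(requester_cap)
    host_req, host_rep = summarize(host_cap)
    if seen_by_requester[ip]:
        return "resolved"
    if not host_req[ip]:
        return "request-never-reached-host"
    if not host_rep[ip]:
        return "guest-did-not-answer"
    return "reply-seen-on-host-but-lost-before-requester"

# Lines copied from the thread: first the 10.0.0.11 side, then the dom0 side.
REQUESTER_CAP = """\
13:22:06.939437 arp who-has 10.0.0.13 tell 10.0.0.11
13:22:07.939442 arp who-has 10.0.0.13 tell 10.0.0.11
13:22:08.939446 arp who-has 10.0.0.13 tell 10.0.0.11
"""
HOST_CAP = """\
13:21:21.917162 arp who-has 10.0.0.13 tell 10.0.0.11
13:21:21.917201 arp reply 10.0.0.13 is-at 00:16:3e:5a:e7:02 (oui Unknown)
13:21:22.917172 arp who-has 10.0.0.13 tell 10.0.0.11
13:21:22.917209 arp reply 10.0.0.13 is-at 00:16:3e:5a:e7:02 (oui Unknown)
13:21:23.917169 arp who-has 10.0.0.13 tell 10.0.0.11
13:21:23.917203 arp reply 10.0.0.13 is-at 00:16:3e:5a:e7:02 (oui Unknown)
"""

if __name__ == "__main__":
    print(locate_drop(REQUESTER_CAP, HOST_CAP, "10.0.0.13"))
```

Repeating the dom0 capture on each bridge port in turn (vif1.0, xenbr0, peth0) and feeding it in as the host capture narrows the loss to a single port.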