WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] strange networking issue in xen DomU

To: "Fischer, Anna" <anna.fischer@xxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] strange networking issue in xen DomU
From: "Sarika Ray" <ray.sarika@xxxxxxxxx>
Date: Thu, 4 Dec 2008 17:06:43 -0500
Cc:
Delivery-date: Thu, 04 Dec 2008 14:08:37 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type:references; bh=5fBmZRn56bQ6ZwP9PNEIR7NFFQaDNX5gJZTFPdPiDjk=; b=j8efLVK596B3zMbJyH6ZzGG3yDJmqfu7VQ8vm2ZFXWfR2/wFYIjOihC52qNEG0Bktb Z8nHfveeG1Im/lQR33mP/gyiBPYWCCVVyaWb1xw2lJYALXWlIAWUOeKKmXPTKjmHPO9w RFhZFq+9o7pvi6xA9jVtrVhjwkaLVf8ZvHPg4=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:references; b=oa7LlqgqOpQm2uSvetd9SR/9880kYC4ytCFaBWHvXzD4/tmjmurszQXgUEjecUSx8y uIrAgnGQDZQvD4cqKXXGuuCV342fDEYy0J8R1AUsXGnQT+ZJfjSYvsD0q83nxIXD5Wh3 yzU780T1BQEnroaUzlVPXTUBes07j8SDVvNrU=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <0199E0D51A61344794750DC57738F58E5E28EBA765@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <9f642e900812022218s3044469bx46e83cecdfcb5c58@xxxxxxxxxxxxxx> <0199E0D51A61344794750DC57738F58E5E28EBA765@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thanks. It solved the issue. I was dumb to miss this earlier.


On Wed, Dec 3, 2008 at 11:08 PM, Fischer, Anna <anna.fischer@xxxxxx> wrote:

I would guess from your logs that your DomU simply misses a default route, so it can only send out packets to the 143.215.129.0 network.

 

Try adding a default route in your DomU, e.g. by calling "ip route add default via $gateway_ip_address dev eth0". $gateway_ip_address should be your routing box that connects to outside networks.

 

From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx [mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Sarika Ray
Sent: 03 December 2008 06:19
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] strange networking issue in xen DomU

 

I have a xen 3.2.0 setup with 2.6.18. XenoLinux kernel and FC8 Dom0 file system. I have used xen-tools to create a Debian-Etch DomU.

With the default setup I was not able to  ping to any other host except Dom0. I guess that was due to forward chaining issue with my Dom0. But then I modified my iptables configuration in Dom0 to comment out the  forwarding rule that was rejecting everything. So now I am being able to ping to all the hosts in the same L3 subnet as my DomU but not not anything other than that.

So could any please tell me what I am doing wrong? I am including some details below. Let me know if I am missing to provide some necessary information.

**********
my  DomU  config file is as  follows:
#
# Configuration file for the Xen instance dmvirt1.xxx, created
# by xen-tools 3.9 on Tue Dec  2 17:51:45 2008.
#

#
#  Kernel + memory size
#
kernel      = '/boot/vmlinuz-2.6.18.8-xen'
ramdisk     = '/boot/initrd-2.6.18.8-xen.img'
memory      = '128'

#
#  Disk device(s).
#
root        = '/dev/sda2 ro'
disk        = [
                  'phy:/dev/DomUVols/dmvirt1.xxx-swap,sda1,w',
                  'phy:/dev/DomUVols/dmvirt1.xxx-disk,sda2,w',
              ]


#
#  Hostname
#
name        = 'dmvirt1.xxxx'

#
#  Networking
#
vif         = [ 'ip=143.215.129.1xx,mac=00:16:3E:88:22:AA' ]

vfb = ['type=vnc']
#
#  Behaviour
#
> on_reboot   = 'restart'
on_crash    = 'restart'

extra = "xencons=xvc console=xvc console=tty"
*******************

*****************
Some other DomU Details

dmvirt1:~# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:16:3E:88:22:AA 
          inet addr:143.215.129.157  Bcast:143.215.129.255  Mask:255.255.255.0
          inet6 addr: fe80::216:3eff:fe88:22aa/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1206 errors:0 dropped:0 overruns:0 frame:0
          TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:114259 (111.5 KiB)  TX bytes:10024 (9.7 KiB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)


dmvirt1:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
143.215.129.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0


dmvirt1:/etc# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
 address 143.215.129.1xx
 gateway 143.215.129.1
 netmask 255.255.255.0
  broadcast ${broadcast}
 
 # post-up  ethtool -K eth0 tx off

#
# The commented out line above will disable TCP checksumming which
# might resolve problems for some users.  It is disabled by default
#





dmvirt1:~# ping www.yahoo.com
ping: unknown host www.yahoo.com
dmvirt1:~# ping 69.147.76.15
connect: Network is unreachable



*******************
Dom0 Details

[root@kahn dev]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        
RH-Firewall-1-INPUT  all  --  anywhere             anywhere           

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     all  --  dmvirt1              anywhere            PHYSDEV match --physdev-in vif17.0
ACCEPT     udp  --  anywhere             anywhere            PHYSDEV match --physdev-in vif17.0 udp spt:bootpc dpt:bootps

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        

Chain RH-Firewall-1-INPUT (1 references)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere           
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     esp  --  anywhere             anywhere           
ACCEPT     ah   --  anywhere             anywhere           
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:nfs
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:nfs
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:sunrpc
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:telnet
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:cvspserver
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpts:terabase:pxc-splr-ft
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpts:terabase:pxc-splr-ft
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:teradataordbms
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited


[root@kahn dev]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:1A:A0:1B:88:E1 
          inet addr:143.215.129.2xx  Bcast:143.215.129.255  Mask:255.255.255.0
          inet6 addr: fe80::21a:a0ff:fe1b:88e1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:506521 errors:0 dropped:0 overruns:0 frame:0
          TX packets:165558 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:423458331 (403.8 MiB)  TX bytes:11964484 (11.4 MiB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:235929 errors:0 dropped:0 overruns:0 frame:0
          TX packets:235929 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:36772495 (35.0 MiB)  TX bytes:36772495 (35.0 MiB)

peth0     Link encap:Ethernet  HWaddr 00:1A:A0:1B:88:E1 
          inet6 addr: fe80::21a:a0ff:fe1b:88e1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:553720 errors:0 dropped:0 overruns:0 frame:0
          TX packets:162980 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:434130358 (414.0 MiB)  TX bytes:13050967 (12.4 MiB)
          Interrupt:20

vif17.0   Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF 
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:361 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4092 errors:0 dropped:5 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:43052 (42.0 KiB)  TX bytes:393229 (384.0 KiB)


[root@kahn dev]# brctl show
bridge name     bridge id               STP enabled     interfaces
eth0            8000.001aa01b88e1       no              peth0
                                                        vif17.0



******************
 


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>