On Wed, Apr 29, 2009 at 1:37 AM, Kai Schaetzl <maillists@xxxxxxxxxxxxx> wrote:
> dom0:
> brctl show
> bridge name bridge id STP enabled interfaces
> xenbr0 8000.001ec9fefbab no eth0
> vif14.0
> xenbr1 8000.001ec9fefbac no eth1
> vif14.1
>
> ip addr list | grep "inet "
> inet 127.0.0.1/8 scope host lo
> inet 192.168.2.4/27 brd 192.168.2.31 scope global eth2
> inet 192.168.1.24/24 brd 192.168.1.255 scope global xenbr0
> inet 192.168.2.3/27 brd 192.168.2.31 scope global xenbr1
You have an error here.
you assign eth2 and xenbr1 IPs from the same IP subnet (192.168.2.4
and 192.168.2.3 are both on 192.168.2.0/27), yet they're not on the
same physical network (not on the same bridge, and not connected to
the same switch/vlan).
If the interfaces are on different physical network, you need to
assign different IP subnet. I believe this is the root cause of
problem on your setup : basic TCP/IP networking.
>
> ip route
> 192.168.2.10 via 192.168.2.3 dev xenbr1 scope link
This one should not be necessary. When you setup the ip addresses
correctly you don't need to assign this route.
> 192.168.2.0/27 dev eth2 proto kernel scope link src 192.168.2.4
> 192.168.2.0/27 dev xenbr1 proto kernel scope link src 192.168.2.3
The correct way to fix the problem depends on how you want things to work.
First possibilty : If you want eth2 and xenbr1 to be on the same
network, you need to REMOVE eth2's IP address and assign it as a
bridge to xenbr1, so "brctl show" should look like this
xenbr1 8000.001ec9fefbac no eth1
eth2
vif14.1
Note that this means you put eth1 and eth2 on the same physical
network. Meaning :
- If both eth1 and eth2 are connected to the same switch, this setup
has the same effect as plugging a crossover cable on two switch ports.
- If eth1 is connected to a switch and eth2 is connected to another
server via a crossover cabel, this setup has the same effect as
connecting the second server directly to the switch.
Second possibilty : if eth2 and xenbr1 is intended to be a separate
network, you need to change the IP address so they're on a different
subnet.
> domU is straight forward:
> no bridge
>
> ip addr list | grep "inet "
> inet 127.0.0.1/8 scope host lo
> inet 212.202.99.237/28 brd 212.202.99.239 scope global eth0
> inet 192.168.1.237/24 brd 192.168.1.255 scope global eth0:1
> inet 192.168.2.10/27 brd 192.168.2.31 scope global eth1
Again, the same question. Does domU's eth1 supposed to be on the same
network as dom0's eth1, or is it supposed to be on the same network as
dom0's eth2? Or both?
>
> So, just to make it clear, *this* setup with the additional route is
> working now in all directions.
Bad idea.
> I now realize that my best option is
> probably to use a different subnet each for eth1 and eth2
Correct.
> Oh, and I just find that using different nets for eth1 and eth2 solves the
> problem, anyway, without a static route. Like so:
> ip route
> 192.168.3.0/27 dev eth2 proto kernel scope link src 192.168.3.1
> 192.168.2.0/27 dev xenbr1 proto kernel scope link src 192.168.2.3
> 192.168.1.0/24 dev xenbr0 proto kernel scope link src 192.168.1.24
> default via 192.168.1.1 dev xenbr0
exactly :)
So I gather you chose the second possibilty?
This would mean that dom0 and domU can communicate (through bridging
on xenbr1). But this also mean domU will NOT be able to communicate to
whatever machine connected to dom0's eth2 (a4 machine?). If you want
it you need to :
- Setup dom0 as router, OR
- create another bridge for eth2 (say xenbr2) and add another vif on
domU connected to that bridge.
I suggest you enlist the help of network admins with your setup. To
make it simpler, think of bridge as another dumb switch without vlan
support.
Hope that helps. Good luck with your setup.
Regards,
Fajar
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|