Re: [Xen-users] Help me to set up network (routes)

[Jeff Williams <jeffw@xxxxxxxxxxxxxx>]

Alan,

I haven't set up routed networking, but I would say the problem is that 
the gateway on the Windows DomU is 10.9.3.1, which it doesn't know how 
to get to. I would suggest to changing it to 10.0.2.254 which is on the 
same subnet as the DomU's network interface, the traffic should then 
come out via vif2.0 and be handled by Dom0.
Jeff Williams
wherethebitsroam.com

On 07/05/09 03:57, AlannY wrote:
> Hi there, I'm Alan.
>
> 2nd day I'm trying to set up network in Xen. Firstly, I set up it via 
> bridges and it have worked in some success ;-) But bridges is not what 
> I want.
> So, I decide to reconstruct network with routes. I set up everything 
> as many tutorials said, but nothing happens: I can't ping domU from 
> host and can't ping dom0 from guest ;-(
> So, below, I will show what I'm doing, I would like to hear what I'm 
> doing wrong.
> Thanks for your patience.
>
> ================
> Dom0 have one (1) working net card: eth0
>
> with IP for external LAN: 10.9.3.92
> and gateway for with IP: 10.9.3.1
>
> ---------
> My xend-config.sxp have:
>
> (network-script network-route)
> (vif-script vif-route)
>
> ---------
>
> %# cat /proc/sys/net/ipv4/conf/all/proxy_arp
> 1
> %# cat /proc/sys/net/ipv4/conf/eth0/proxy_arp
> 1
> %# cat /proc/sys/net/ipv4/ip_forward
> 1
>
> ---------
>
> In my %.vm (Virtual Machine) file I have:
>
> vif  = [ 'ip=10.0.2.2' ]
>
> --------
>
> In my DomU (Windows in my case) I set up network interface as follow:
>
> address 10.0.2.2
> netmask 255.255.255.0
> gateway 10.9.3.1  # it's a gateway which gave me ISP (see above)
>
> ========
> After "xm create ...":
>
> --------
>
> %# ip r
> [...]
> 10.0.2.2 dev vif2.0  scope link  src 10.9.3.92
> [...]
>
> -------
>
> %# ifconfig -a
> eth0      Link encap:Ethernet  HWaddr 00:e0:4c:a0:b0:20
>           inet addr:10.9.3.92  Bcast:10.9.3.255  Mask:255.255.255.0
>           inet6 addr: fe80::2e0:4cff:fea0:b020/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:2158921 errors:1 dropped:78 overruns:1 frame:0
>           TX packets:1918655 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:2215803222 (2.0 GiB)  TX bytes:1294017960 (1.2 GiB)
>           Interrupt:17 Base address:0xd000
> [...]
> tap2.0    Link encap:Ethernet  HWaddr 4e:69:00:fd:f0:48
>           inet6 addr: fe80::4c69:ff:fefd:f048/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:26 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:2343 (2.2 KiB)  TX bytes:468 (468.0 B)
>
> vif2.0    Link encap:Ethernet  HWaddr fe:ff:ff:ff:ff:ff
>           inet addr:10.9.3.92  Bcast:10.255.255.255  Mask:255.255.255.255
>           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:0 errors:0 dropped:6 overruns:0 carrier:0
>           collisions:0 txqueuelen:32
>           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
>
> --------
>
> %# route -n
> [...]
> 10.0.2.2        0.0.0.0         255.255.255.255 UH    0      0        
> 0 vif2.0
> [...]
> 10.9.3.0        0.0.0.0         255.255.255.0   U     0      0        
> 0 eth0
> [...]
> 0.0.0.0         172.16.0.1      0.0.0.0         UG    0      0        
> 0 ppp0
> The last line is doesn't matter
>
> ---------
>
> %# iptables -L
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> ACCEPT     all  --  10.0.2.2             anywhere            PHYSDEV 
> match --physdev-in vif2.0
> ACCEPT     udp  --  anywhere             anywhere            PHYSDEV 
> match --physdev-in vif2.0 udp spt:bootpc dpt:bootps
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> %# iptables -t nat -L
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
>
> Chain POSTROUTING (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> ===========
>
> from Dom0:
>
> %# ping 10.0.2.2
> PING 10.0.2.2 (10.0.2.2) 56(84) bytes of data.
> From 10.9.3.92 icmp_seq=2 Destination Host Unreachable
> From 10.9.3.92 icmp_seq=3 Destination Host Unreachable
> From 10.9.3.92 icmp_seq=4 Destination Host Unreachable
>
> from DomU:
> %# ping 10.9.3.92
> ping time out
> ping time out
> ping time out
> ping time out
>
> Also in Dom0:
> %# tcpdump | grep 10.0.2.2
> shows nothing ;-(
>
> =========
>
> Thank for patience.
>
> P.S. Gentoo user ;-)
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users