This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] Yet another question about multiple NICs

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Yet another question about multiple NICs
From: Felix Kuperjans <felix@xxxxxxxxxxxxxxxxxx>
Date: Fri, 17 Dec 2010 12:11:00 +0100
Delivery-date: Fri, 17 Dec 2010 03:12:49 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4D0B4213.50303@xxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4D0B4213.50303@xxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20101213 Thunderbird/3.1.7
Hello Philippe,

just some questions:
- Do you use a firewall in dom0 oder domU?
- Are those two physical interfaces probably connected to the same
physical network?
- Can you post the outputs of the following commands in both dom0 and
domU when your setup has just startet:
    # ip addr show
    # ip route show
    # iptables -nvL
    And dom0 only:
    # brctrl show
Note that those commands require iproute2, bridge-utils (dom0 only) and
iptables to be installed on the machine.

I can make some guesses right now, too:
- If the second question would be answered with yes, you must use two
physical network or you are creating a loop.
- Is your bridge really named equally to your network interface (i.e.
both eth0) or is the network interface renamed? Probably something got
confused there (ip addr will show it anyway).


Am 17.12.2010 11:57, schrieb Philippe Combes:
> Dear Xen users,
> I have tried for weeks to have a domU connected to both NICs of the
> dom0, each in a different LAN. Google gave me plenty of tutos
> and HowTos about the subject, including the Xen and the Debian Xen
> wiki's, of course. It seems so simple !
> Some advise to use a simple wrapper to /etc/xen/network-bridge, others
> to let it aside and to set bridges on my own.
> But there must be something obvious that I miss, something so obvious
> that no manual need to explain it, because I tried every solution and
> variant I found on the Internet with no success.
> My dom0 first ran CentOS 5.5, Xen 3.0.3. I tried to have eth1 up and
> configured both in dom0 and in a domU. I never succeeded (details
> below), so I followed the advice of some colleagues who told me my
> issues might have come from running a Debian lenny domU on a CentOS
> dom0 (because the domU used the CentOS kernel instead of the one of
> Debian lenny, which is more recent).
> So now my dom0 runs an up-to-date Debian lenny, with Xen 3.2.1, but I
> have the same behaviour when trying to get two interfaces in a domU.
> As I said it before, I tried several configurations, but let's stick
> for now to one based on the network-bridge script.
> In /etc/network/interfaces:
>  auto eth0
>  iface eth0 inet dhcp
>  auto eth1
>  iface eth1 inet dhcp
> In /etc/xen/xend-config.sxp:
>  (network-script network-bridge-wrapper)
> /etc/xen/scripts/network-bridge-wrapper:
>  #!/bin/bash
>  dir=$(dirname "$0")
>  "$dir/network-bridge" "$@" vifnum=0 netdev=eth0 bridge=eth0
>  "$dir/network-bridge" "$@" vifnum=1 netdev=eth1 bridge=eth1
> In domU configuration file:
>  vif = [ 'mac=00:16:3E:55:AF:C2,bridge=eth0',
> 'mac=00:16:3E:55:AF:C3,bridge=eth1' ]
> With this configuration, I get both bridges eth<i> configured and
> usable: I mean I can ping one machine of every LAN through the
> corresponding interface.
> When I start a domU however, the dom0 and the domU are alternatively
> connected to the LAN of eth1, but mutually exclusively. In other
> words, the dom0 is connected to the LAN on eth1 for a couple of
> minutes, but not the domU, and then, with no other reason than
> inactivity on the interface, it switches to the reverse situation:
> domU connected, not the dom0. After another couple of minutes of
> inactivity, back to the first situation, and so on...
> I noticed that the 'switch' does not occur if the one that is
> currently connected performs a continuous ping on another machine of
> the LAN.
> This happened with the CentOS too. But I did not try anything else
> under that distro. Under Debian, I tried to have dom0's eth1 down (no
> IP), but then the domU's eth1 does not work at all, not even
> periodically.
> I was pretty sure the issue came from the way my bridges were
> configured, that there was something different with the dom0 primary
> interface, etc. Hence  I tried all solutions I could find on the
> Internet with no success.
> I then made a simple test. Instead of binding domU's eth<i> to dom0's
> eth<i>, I bound it to dom0's eth<1-i>: I changed
>  vif = [ 'mac=00:16:3E:55:AF:C2,bridge=eth0',
> 'mac=00:16:3E:55:AF:C3,bridge=eth1' ]
> to
>  vif = [ 'mac=00:16:3E:55:AF:C3,bridge=eth1',
> 'mac=00:16:3E:55:AF:C2,bridge=eth0' ]
> I was very surprised to see that dom0's eth0, domU's eth0 and dom0's
> eth1 were all working normally, not domU's eth1. There was no
> alternance between dom0's eth0 and domU's eth1 there, probably because
> there is always some kind of activity on dom0's eth0 (NFS, monitoring).
> So it seems that my issue is NOT related to the dom0 bridges, but to
> the order of the vifs in the domU description. However, in the
> xend.log file, there is no difference in the way both vifs are processed.
>  [2010-12-16 14:51:27 3241] INFO (XendDomainInfo:1514) createDevice:
> vif : {'bridge': 'eth1', 'mac': '00:16:3E:55:AF:C2
> ', 'uuid': '9dbf60c7-d785-96e2-b036-dc21b669735c'}
>  [2010-12-16 14:51:27 3241] DEBUG (DevController:118) DevController:
> writing {'mac': '00:16:3E:55:AF:C2', 'handle': '0'
> , 'protocol': 'x86_64-abi', 'backend-id': '0', 'state': '1',
> 'backend': '/local/domain/0/backend/vif/2/0'} to /local/d
> omain/2/device/vif/0.
>  [2010-12-16 14:51:27 3241] DEBUG (DevController:120) DevController:
> writing {'bridge': 'eth1', 'domain': 'inpiftest',
> 'handle': '0', 'uuid': '9dbf60c7-d785-96e2-b036-dc21b669735c',
> 'script': '/etc/xen/scripts/vif-bridge', 'mac': '00:16:
> 3E:55:AF:C2', 'frontend-id': '2', 'state': '1', 'online': '1',
> 'frontend': '/local/domain/2/device/vif/0'} to /local/d
> omain/0/backend/vif/2/0.
>  [2010-12-16 14:51:27 3241] INFO (XendDomainInfo:1514) createDevice:
> vif : {'bridge': 'eth0', 'mac': '00:16:3E:55:AF:C3
> ', 'uuid': '1619a9f8-8113-2e3c-e566-9ca9552a3a93'}
>  [2010-12-16 14:51:27 3241] DEBUG (DevController:118) DevController:
> writing {'mac': '00:16:3E:55:AF:C3', 'handle': '1'
> , 'protocol': 'x86_64-abi', 'backend-id': '0', 'state': '1',
> 'backend': '/local/domain/0/backend/vif/2/1'} to /local/d
> omain/2/device/vif/1.
>  [2010-12-16 14:51:27 3241] DEBUG (DevController:120) DevController:
> writing {'bridge': 'eth0', 'domain': 'inpiftest',
> 'handle': '1', 'uuid': '1619a9f8-8113-2e3c-e566-9ca9552a3a93',
> 'script': '/etc/xen/scripts/vif-bridge', 'mac': '00:16:
> 3E:55:AF:C3', 'frontend-id': '2', 'state': '1', 'online': '1',
> 'frontend': '/local/domain/2/device/vif/1'} to /local/d
> omain/0/backend/vif/2/1.
> There I am stuck, and it is very frustrating. It looks so simple when
> reading at tutos, that I clearly missed something obvious, but what ?
> Any clue, any track to follow down will be welcome, truly. Please do
> not hesitate to ask me for relevant logs, or for any experiment you
> would think useful.
> Thanks for your help,
> Philippe.
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users

Xen-users mailing list