Felix Kuperjans a écrit :
Hi Philippe,
I forgot about Xen's renaming... The firewall rules do nothing special,
they won't hurt anything.
Ip addresses are also correct (on both sides), but the routes are
probably not ok:
- The dom1 does not have a default route - so it will not be able to
reach anything outside the two subnets (but should reach anything inside
of them).
It needs not so far.
- It's interesting that dom1's firewall output shows that no packages
were processed, so maybe you didn't ping anything since the last reboot
from dom1 or the firewall was loaded by reading it's statistics...
You requested for the outputs "when <my> system has just started".
Hence no packet, I guess. But shouldn't there be at least those exchanged
for the ssh connection to the dom1 ?
Anyway, after one minute or so, I get on the dom1:
# iptables -nvL
Chain INPUT (policy ACCEPT 23 packets, 884 bytes)
pkts bytes target prot opt in out source
destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 4 packets, 816 bytes)
pkts bytes target prot opt in out source
destination
Still no reasons why you can't ping local machines from the dom1 (and
sometimes even not from dom0). Have you tried pinging each other, so
dom0 -> dom1 and vice versa?
Yes I tried, and it has always worked while dom0's eth1 was up.
The only remaining thing that denies communication would be ARP, so the
output of:
# ip neigh show
on both machines *directly after* a ping would be nice (within a few
seconds - use && and a time-terminated ping).
Nothing on a machine when not connected. But when connected (here the
dom0):
$ ip neigh show
192.168.24.125 dev eth1 lladdr 00:16:36:e0:81:2c REACHABLE
172.16.113.100 dev eth0 lladdr 00:16:38:4c:04:00 DELAY
172.16.113.123 dev eth0 lladdr 00:16:36:e0:81:2e STALE
172.16.113.124 dev eth0 lladdr 00:1b:24:3d:ca:95 REACHABLE
172.16.113.106 dev eth0 lladdr 00:16:38:28:b5:39 REACHABLE
Does that give you any clue for further investigations ?
Thanks again,
Philippe
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
| 
Home