WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] Malfunctioning bridge

To: <list@xxxxxxxxx>
Subject: RE: [Xen-users] Malfunctioning bridge
From: <J.Witvliet@xxxxxxxxx>
Date: Mon, 27 Jun 2011 13:51:14 +0200
Accept-language: en-US, nl-NL
Acceptlanguage: en-US, nl-NL
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 27 Jun 2011 04:52:30 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20110627093351.E07BD42E26B@xxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <20110627092558.E772817B889@xxxxxxxxxxxxxxxxx> <20110627093351.E07BD42E26B@xxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Avoip T.P. 

-----Original Message-----
From: Fajar A. Nugraha [mailto:list@xxxxxxxxx] 
Sent: Monday, June 27, 2011 11:31 AM
To: Witvliet, J, CDC/IVENT/OPS/I&S/HIN
Cc: Xen User-List
Subject: Re: [Xen-users] Malfunctioning bridge

On Mon, Jun 27, 2011 at 4:25 PM, <J.Witvliet@xxxxxxxxx> wrote:
> To simulate different networks, I created dummy ethernet devices, and 
> connected bridges to it.
> All of the bridges are working OK, except ONE: BR2 (for setup, see 
> attachement)

>
> If i ping on the vpn-box (vpn is not setup yet) towards internal 
> firewall or otherway round i see no traffic at all ( 172.16.100.1 => 
> 172.16.100.2 OR 172.16.100.2 => 172.16.100.1)
>
> Looked at [internal] firewall, at the bridges, routing, but i'm clue-less....
> Test i've done sofar:
>
> Any suggestion where to look next?

Your picture shows br2 is connected to server's eth1. "brctl show"
from yuor attachment shows br2 is connected to dummy1, not eth1.

-----Original Message-----

Hi Fajar,

The output from "brctl show" is done from dom-0.
There br0 provides access to the real world
All the others (br1, br2 and br3) are restricted to within the machine

So BR2 is connected to:
A) Dummy0 on dom-0
B) eth1 on kc3072 (vpn)
C) eth1 on kc3041 (fw-int)

The bridges themselves are only visible on the dom-0, not on the dom-U.


Involved (kc3041, kc3072) startup scripts:

name="kc3041"
description="sumunatie interne firewall"
uuid="8cbb5269-e40e-0297-d27a-b2b8e1e2b613"
memory=500
maxmem=1000
vcpus=1
on_poweroff="destroy"
on_reboot="restart"
on_crash="destroy"
localtime=0
keymap="en-us"
builder="linux"
bootloader="/usr/lib/xen/boot/domUloader.py"
bootargs="--entry=xvda1:/boot/vmlinuz-xen,/boot/initrd-xen"
extra=" "
disk=[ 'phy:/dev/xen-productie/kc3041-boot,xvda,w', 
'phy:/dev/xen-productie/kc3041-swap,xvdb,w', 
'phy:/dev/xen-productie/kc3041-syst,xvdc,w', 
'phy:/dev/xen-productie/kc3041-data,xvdd,w',  ] vif=[ 
'mac=00:16:3e:30:41:00,bridge=br0', 'mac=00:16:3e:30:41:01,bridge=br2', 
'mac=00:16:3e:30:41:02,bridge=br3', ] vfb=['type=vnc,vncunused=1']


name="kc3072"
description="int vpn server"
uuid="99ee7c72-493b-e69d-3cfa-7b438fcd2988"
memory=1000
maxmem=1000
vcpus=1
on_poweroff="destroy"
on_reboot="restart"
on_crash="destroy"
localtime=0
keymap="en-us"
builder="linux"
bootloader="/usr/bin/pygrub"
bootargs=""
extra=" "
disk=[ 'phy:/dev/xen-productie/kc3072-boot,xvda,w', 
'phy:/dev/xen-productie/kc3072-swap,xvdb,w', 
'phy:/dev/xen-productie/kc3072-syst,xvdc,w', 
'phy:/dev/xen-productie/kc3072-data,xvdd,w',  ]  
vif=[ 'mac=00:16:3e:30:72:01,bridge=br1', 'mac=00:16:3e:30:72:02,bridge=br2', 
'mac=00:16:3e:30:72:03,bridge=br3',  ] vfb=['type=vnc,vncunused=1']


______________________________________________________________________
Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet 
de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u 
verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat 
aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband 
houdt met risico's verbonden aan het elektronisch verzenden van berichten.

This message may contain information that is not intended for you. If you are 
not the addressee or if this message was sent to you by mistake, you are 
requested to inform the sender and delete the message. The State accepts no 
liability for damage of any kind resulting from the risks inherent in the 
electronic transmission of messages.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>