xen-users
Re: [Xen-users] NAT networking in Xen
I've resolved the issue myself.
I am using a Fedora 14 dom0 and the network manager was enabled.
Whenever Xen would create a virtual interface the network manager would
attempt to run DHCP on this interface and erase its IP information. The
solution was to disable the network manager.
- John
On 07/05/2011 02:22 PM, John Backes wrote:
> Hello,
>
> I'm trying to set up the NAT network configuration for Xen but I'm
> having some issues. I have the correct lines commented and
> uncommented in my xend-config.xsd file:
>
> #(network-script network-bridge)
> #(vif-script vif-bridge)
> #(network-script network-route)
> #(vif-script vif-route)
> (network-script network-nat)
> (vif-script vif-nat)
>
> My domain config file for my paravirtualized Fedora 14 domain contains
> the following text:
>
> name="default"
> description="None"
> memory=512
> maxmem=512
> vcpus=1
> on_poweroff="destroy"
> on_reboot="restart"
> on_crash="destroy"
> localtime=0
> keymap="en-us"
> builder="linux"
> bootloader="/usr/bin/pygrub"
> bootargs=""
> extra=" "
> disk=[ 'file:/var/lib/xen/images/default.img,xvda,w', ]
> vif=[ 'ip=10.0.0.2', ]
> NETMASK = "255.0.0.0"
> GATEWAY = "10.0.0.1"
> vfb=['type=vnc,vncunused=1']
>
> extra = "console=hvc0"
>
> When I start the domain my iptables has the following entries:
>
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> ACCEPT all -- anywhere anywhere state
> RELATED,ESTABLISHED
> ACCEPT icmp -- anywhere anywhere
> ACCEPT all -- anywhere anywhere
> ACCEPT tcp -- anywhere anywhere state NEW
> tcp dpt:ssh
> ACCEPT udp -- anywhere anywhere state NEW
> udp dpt:ipp
> ACCEPT udp -- anywhere 224.0.0.251 state NEW
> udp dpt:mdns
> ACCEPT tcp -- anywhere anywhere state NEW
> tcp dpt:ipp
> ACCEPT udp -- anywhere anywhere state NEW
> udp dpt:ipp
> ACCEPT udp -- anywhere anywhere state NEW
> udp dpt:snmp
> REJECT all -- anywhere anywhere reject-with
> icmp-host-prohibited
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
> ACCEPT all -- anywhere anywhere PHYSDEV
> match --physdev-out vif1.0 --physdev-is-bridged
> ACCEPT udp -- anywhere anywhere PHYSDEV
> match --physdev-in vif1.0 --physdev-is-bridged udp spt:bootpc dpt:bootps
> ACCEPT all -- anywhere anywhere PHYSDEV
> match --physdev-out vif1.0 --physdev-is-bridged
> ACCEPT all -- 10.0.0.2 anywhere PHYSDEV
> match --physdev-in vif1.0 --physdev-is-bridged
> REJECT all -- anywhere anywhere reject-with
> icmp-host-prohibited
>
> and my ifconfig looks like:
>
> eth0 Link encap:Ethernet HWaddr 00:0E:0C:6C:48:F5
> inet addr:192.168.222.77 Bcast:192.168.222.255
> Mask:255.255.255.0
> inet6 addr: fe80::20e:cff:fe6c:48f5/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:6572 errors:0 dropped:0 overruns:0 frame:0
> TX packets:4115 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:6549366 (6.2 MiB) TX bytes:438666 (428.3 KiB)
>
> eth1 Link encap:Ethernet HWaddr 00:1C:C0:CB:B6:59
> UP BROADCAST MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
> Memory:e0400000-e0420000
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> inet6 addr: ::1/128 Scope:Host
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:208 errors:0 dropped:0 overruns:0 frame:0
> TX packets:208 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:15880 (15.5 KiB) TX bytes:15880 (15.5 KiB)
>
> vif1.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
> inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:9 errors:0 dropped:22 overruns:0 carrier:0
> collisions:0 txqueuelen:32
> RX bytes:0 (0.0 b) TX bytes:1542 (1.5 KiB)
>
> I have configured the network settings in the domU to be the same as
> specified in the domain config file. When I try to ping the default
> gateway from the domU I can see packets on the vif1.0 interface saying:
>
> 7 25.900903 Xensourc_34:7d:9b Broadcast ARP Who has
> 10.0.0.1? Tell 10.0.0.2
>
> Based on the iptables output, it seems like Xen is still trying to use
> a bridged network type configuration. I should note that I have
> restarted the Xen daemon after making the changes to the xend-config.xsd
> config file. Are there some other settings I have to change in order to
> use a NAT type configuration? Thanks in advance.
>
> - John
>
>
>
>
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
>
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
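
Added example, not part of the original thread: a dom0 check for the symptom described in the resolution, a Xen vif interface that is up but has no IPv4 address (as vif1.0 appears in the quoted ifconfig output). The function names are hypothetical, the first sample is trimmed from the post, and the address in the second sample is constructed.

```python
import re

# Matches "inet addr:1.2.3.4" (old net-tools) and "inet 1.2.3.4" (newer), never inet6.
IPV4 = re.compile(r"\binet (?:addr:)?(\d{1,3}(?:\.\d{1,3}){3})")
VIF = re.compile(r"^vif\d+\.\d+$")  # Xen backend interface naming, e.g. vif1.0

def parse_ifconfig(text):
    """Return {name: {"up": bool, "ipv4": str or None}} per interface block."""
    result = {}
    # ifconfig prints one block per interface, separated by blank lines.
    for block in re.split(r"\n\s*\n", text.strip()):
        if not block.strip():
            continue
        name = block.split(None, 1)[0].rstrip(":")
        m = IPV4.search(block)
        result[name] = {
            "up": re.search(r"\bUP\b", block) is not None,
            "ipv4": m.group(1) if m else None,
        }
    return result

def vifs_missing_ipv4(text):
    """Names of vif interfaces that are UP but carry no IPv4 address."""
    return sorted(n for n, i in parse_ifconfig(text).items()
                  if VIF.match(n) and i["up"] and i["ipv4"] is None)

# Trimmed from the ifconfig output quoted in the thread.
SAMPLE_FROM_POST = """\
eth0      Link encap:Ethernet  HWaddr 00:0E:0C:6C:48:F5
          inet addr:192.168.222.77  Bcast:192.168.222.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

vif1.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
"""

# Constructed sample: the same vif with an IPv4 address still in place.
SAMPLE_CONSTRUCTED = """\
vif1.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet addr:10.0.0.1  Bcast:0.0.0.0  Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
"""

if __name__ == "__main__":
    print("post sample:", vifs_missing_ipv4(SAMPLE_FROM_POST))
    print("constructed sample:", vifs_missing_ipv4(SAMPLE_CONSTRUCTED))
```

On a live dom0 the same function can be fed the text of `ifconfig` captured after the guest has started.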