WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] dom0 can't access domU network?

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] dom0 can't access domU network?
From: Robert Zaleski <rlzaleski@xxxxxxxxx>
Date: Tue, 8 Nov 2011 01:20:31 -0500
Delivery-date: Mon, 07 Nov 2011 22:21:58 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=vRrkNUJoZAQagoLQOHqJ2xncIVY4Z5JJ71jHgiSfZAw=; b=jjdf5IgVio34arBN1A+t6PBWWloGkWXDT79pWojjVaaCfkdZl4D9tXHKEyqad1Jqoc 2YJP+BAL0SDxJVsNIgUxyBNxiWaod5Gp6fxsl9ZHp49LQ+NiYpo3UVCu/SK54tPfDIUw YQeaneKAbFnievSkzWvoc7kJJLkeOzYoENeAY=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
I'm trying to set up a couple of Windows Pro boxes on Xen.  For some reason, my dom0 can't open a TCP connection to domU as a regular user.    I'm using OpenSuSE 11.  I've been banging my head on this all day, so what I got now is...

YaST - Set up br0 and eth0, all works fine.

# So my bridge remains as it was at startup
(network-script /sbin/true)
# Bond to br0 network.
(vif-script vif-bridge bridge=br0)

# domU config.
vif=[ 'mac=0a:0a:3e:66:5e:8f,bridge=br0' ]


I can get to the internet from dom0, dom0 can ping domU, domU can access internet, and my laptop can even RDP into the domU machine.  I've got the PV drivers installed in Windows.

 # brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.bcaec56013a0       no              eth0
                                                        tap2.0
                                                        vif2.0

Everything looks bonded.
# /sbin/ifconfig
br0       Link encap:Ethernet  HWaddr BC:AE:C5:60:13:A0 
          inet addr:192.168.1.112  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:36227 errors:0 dropped:0 overruns:0 frame:0
          TX packets:35795 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:10375291 (9.8 Mb)  TX bytes:2895383 (2.7 Mb)

eth0      Link encap:Ethernet  HWaddr BC:AE:C5:60:13:A0 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:36128 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34554 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:10832946 (10.3 Mb)  TX bytes:3103425 (2.9 Mb)
          Interrupt:18

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:4160 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4160 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:8940280 (8.5 Mb)  TX bytes:8940280 (8.5 Mb)

tap2.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:543 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:0 (0.0 b)  TX bytes:114798 (112.1 Kb)

vif2.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF 
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:949 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2507 errors:0 dropped:11 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:325532 (317.9 Kb)  TX bytes:187205 (182.8 Kb)

# ping ely07.zaleski.net
PING ely07.zaleski.net (192.168.1.103) 56(84) bytes of data.
64 bytes from Ely07.zaleski.net (192.168.1.103): icmp_req=1 ttl=128 time=2.32 ms
64 bytes from Ely07.zaleski.net (192.168.1.103): icmp_req=2 ttl=128 time=0.142 ms
64 bytes from Ely07.zaleski.net (192.168.1.103): icmp_req=3 ttl=128 time=0.153 ms


# nmap -T4 -A -v -PN -PE -PS22,25,80,3389 -PA21,23,80,3389 ely07.zaleski.net
Warning:  You are not root -- using TCP pingscan rather than ICMP

Starting Nmap 5.21 ( http://nmap.org ) at 2011-11-08 01:18 EST
NSE: Loaded 36 scripts for scanning.
Initiating Ping Scan at 01:18
Scanning ely07.zaleski.net (192.168.1.103) [6 ports]
Completed Ping Scan at 01:18, 2.00s elapsed (1 total hosts)
Nmap scan report for ely07.zaleski.net (192.168.1.103) [host down]
Read data files from: /usr/share/nmap
Note: Host seems down. If it is really up, but blocking our ping probes, try -PN
Nmap done: 1 IP address (0 hosts up) scanned in 2.07 seconds


# As root
# nmap -T4 -A -v -PN -PE -PS22,25,80,3389 -PA21,23,80,3389 ely07.zaleski.net ^C

Starting Nmap 5.21 ( http://nmap.org ) at 2011-11-08 01:17 EST
NSE: Loaded 36 scripts for scanning.
Failed to resolve given hostname/IP: ^C.  Note that you can't use '/mask' AND '1-4,7,100-' style IP ranges
Initiating ARP Ping Scan at 01:17
Scanning ely07.zaleski.net (192.168.1.103) [1 port]
Completed ARP Ping Scan at 01:17, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 01:17
Completed Parallel DNS resolution of 1 host. at 01:17, 0.00s elapsed
Initiating SYN Stealth Scan at 01:17
Scanning ely07.zaleski.net (192.168.1.103) [1000 ports]
Discovered open port 135/tcp on 192.168.1.103
Discovered open port 445/tcp on 192.168.1.103
Discovered open port 139/tcp on 192.168.1.103
Discovered open port 3389/tcp on 192.168.1.103
Discovered open port 554/tcp on 192.168.1.103
Discovered open port 10243/tcp on 192.168.1.103
Discovered open port 5357/tcp on 192.168.1.103
Discovered open port 2869/tcp on 192.168.1.103
Completed SYN Stealth Scan at 01:18, 11.93s elapsed (1000 total ports)
Initiating Service scan at 01:18
Scanning 8 services on ely07.zaleski.net (192.168.1.103)


Any ideas?  I'm so stinking close to having this all using PV, I just need to have my dom0 connect since I'm sitting at a beefy workstation.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>