[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Network issues with SuSE firewall

> I experiemented a lot, and this message was 1000 lines longer
> with output from iptables etc.  Bottom line is this now works,
> though I'm not 100% certain I can replicate all the differences.
> Basically:
> 1) Reconfigure the default firewall rules to block nothing and
> accept everything;
> 2) Reboot

Great. Everything was pointing toward a firewall problem -- if
the messages were making it to serial, they really should have
been making it to domain 0. What domain0 chooses to do with them
is another matter ;-)

> There is still a very desirable feature: I'd *really* like
> xenconsole messages from all domains to go to a file.

There's plans to change some of the domain console stuff to make
it do input as well as output. One option under consideration is
to make the console present itself to domain0 using a custom
mechanism rather than UDP. This would have the advantage of
avoiding dependencies on people's firewall setups, but I'm not
personally keen on introducing another communication mechanism. 
Besides, it's only a dependency on the domain 0 firewall
configuration -- all other domains can do what they like.

As for sending to a file, you can just redirect as per normal.
"xen_read_console | tee myconsole" (though this obviously assumes
that the alias is in place and your firewall isn't
binning the packets)
> The basic setup I have for virtual domains required:
> 1) ln -s /dev/hdc /dev/cdrom_link   (or modify /etc/xen-mynewdom)
> 2) leave the CD-ROM in the drawer, but don't boot from it
> 3) boot to Xen (my new images, discussed earlier)
> 3a) run "xen_read_console &" as root, to see boot messages  
> 4) start new domains with xenctl
> Steps 1 and 2 are not clear from the 1.0 README.CD.


We hadn't anticipated that anyone would want to use the CD
in quite this manner, but we can update the documentation
> I now have virtual domains booted and can access them.  I will send
> another note describing what I'd like to do to get these living on the
> real (non-ram) file system with NFS and shared /usr etc., but will
> experiment more first.

NFS to domain0 is the way I have my laptop configured and it
works well.


This SF.Net email sponsored by: ApacheCon 2003,
16-19 November in Las Vegas. Learn firsthand the latest
developments in Apache, PHP, Perl, XML, Java, MySQL,
WebDAV, and more! http://www.apachecon.com/
Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.