[Xen-devel] How to redirect domU port to dom0 with nat


  • To: xen-devel@xxxxxxxxxxxxxxxxxxx
  • From: Wensheng Wang <wenshengwang@xxxxxxxxx>
  • Date: Mon, 26 Dec 2005 00:45:57 -0600
  • Delivery-date: Mon, 26 Dec 2005 06:49:40 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>

I want to intercept traffic toward a domU port from dom0 and redirect
it to a dom0 port.
It used to work with a simple nat rule in the early xen3.0 (from more
than half a year ago).
Like this:
5.6.7.9 is domU ip, 5.6.7.8 is dom0 ip, for example.
iptables -t nat -A PREROUTING -p tcp -d 5.6.7.9 --dport 3333 -j DNAT --to 5.6.7.8:80


I want to do this so when a person requests http://5.6.7.9:3333, he gets
a response from the 5.6.7.8 dom0 web server.

But now it doesn't work.

I use current xen 3.0, default network (uses xenbr0).  I have
/proc/sys/net/ipv4/ip_forward set to 1.  A direct request of
http://5.6.7.8/ works.

"iptables -nvL -t nat" in dom0 shows 0 pkts for chain prerouting.
tcpdump in domU shows pkts get through instead of being intercepted by dom0.

I tried "iptables -t raw -A PREROUTING -i xenbr0 -j NOTRACK" after
recompiling kernel modules, still to no avail.

What can I do to get it to work?

Thank you.

Wensheng Wang

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 

