WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] xen-unstable networking

To: xen-devel@xxxxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] xen-unstable networking
From: Chris Andrews <chris@xxxxxxxxxx>
Date: Sat, 27 Mar 2004 16:02:38 +0000
Delivery-date: Sat, 27 Mar 2004 16:05:04 +0000
Envelope-to: steven.hand@xxxxxxxxxxxx
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
Hi,

I've been running xen-unstable quite successfully; the virtual disks and new console code seem fine. I've got some problems with the networking though, but I'm not sure if I'm trying to do something that's impossible with the current VFR code.

I'm trying to make Xen's internal network among the domains available to a vpn: the machine is allocated a network in the vpn, 192.168.101.0/24, and domain 0 has an IP tunnel to the vpn server and a single IP address in that network, 192.168.101.254. This network is made visible from the vpn by routing daemons running in domain 0. This much works and domain 0's vpn connectivity is fine.

The other domains then have addresses in 192.168.101.0/24, e.g. 192.168.101.1 for domain 1, with the address added to the VFR for that domain's vif 0 and the address added as a secondary on the domain's eth0. The domain then has a default route via 192.168.101.254. Domain 0 has /proc/sys/net/ipv4/ip_forward set to 1. I can ping between domains, and between domain 0 and other domains using 192.168.101.x addresses.

However, while packets from the vpn are correctly routed to domains other than 0, packets from those domains appear directly on the physical ethernet rather than being routed via domain 0 and down the vpn tunnel. This does seem to to be working as designed in that the domain has access to the physical ethernet for addresses which have been added to its vif, but it would be useful for this situation if the packets could go via domain 0. Is this something which can be done with the current code?


Cheers,
Chris.



-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel

<Prev in Thread] Current Thread [Next in Thread>