WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

(was Re: [Xen-devel] nat does not work with hvm)

To: "Keir Fraser" <Keir.Fraser@xxxxxxxxxxxx>
Subject: (was Re: [Xen-devel] nat does not work with hvm)
From: "Christoph Rauch" <christoph.rauch@xxxxxxxxxxxx>
Date: Fri, 26 Oct 2007 16:06:29 +0200
Cc: Erdem Bayer <ebayer@xxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 26 Oct 2007 07:07:21 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; bh=9MaOnh9QBKvVAkilW+mWSCyp0eRLAAGXrEXgqJR1nMM=; b=PFT0/uZ8xMhVoAgSBmkOFuSVtEbiHh1w67ePLJz6AC4op0eRoxrWtnXn0fk6UqhRiEZrqlDi3Q+odxTLTrWYARtRxUnjvG+NEDs8IYSkwSeeZC/3IHbDkLBF3dJ7X6thOPasUUzDDx7AnRPzGb8pu9qffDiwwT7oh2iU1++bhLM=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; b=F+7J0Mgmxw3fLkj7R5MPJ9d+RRbPePZmOp8PBZ2YW9eS+LYm+s9YEg9O0kWkfbkki9oJ2i3rRfizTjH2NfoXfdwQEFDEaV4aKt1+UnWog05Q8Fa8DLN3doV7ZMBHol90COpLIhu5svQr6G5ecf9RrkBmD86yMWdoTPVV5GQgeHE=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Hello there,

Sorry for resurrecting such an old discussion, but I just stumbled
upon the same problem.

2007/4/14, Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>:
> On 14/4/07 07:56, "Erdem Bayer" <ebayer@xxxxxxxxxxxx> wrote:
> > Also should there also be a qemu-ifdown script to undo the changes?
> Not needed. Everything should tear down automatically when the qemu process
> dies.
That is only partially correct. The interface gets removed, yet all
iptables rules associated with it remain. Over time (reboots) many
bogus rules accumulate, which never get removed.

I checked the source for qemu-dm and found no reference to qemu-ifdown.

Anyway, the problem I have myself is that qemu-ifup does not know to
what VM the newly created tun device belongs. This way I cannot
associate special forwarding rules for certain VMs which survive
reboots as the tun device has not the same ID as the VM.

I created a workaround in qemu-ifup which first removes any firewall
rules associated with the tap device and then creates the new rules.

This is esthetically unpleasing. :-)

Are there plans to improve this situation, or is it already solved in
the HEAD branch?

--
Christoph

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread] Current Thread [Next in Thread>
  • (was Re: [Xen-devel] nat does not work with hvm), Christoph Rauch <=