WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] multiple vif's/bridges

from [andrew mathes] [Permanent Link][Original]
To: Mark Doll <doll@xxxxxxxxx>
Subject: Re: [Xen-users] multiple vif's/bridges
From: andrew mathes <amathes@xxxxxxxxxxxx>
Date: Mon, 2 May 2005 12:09:54 -0700 (PDT)
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 02 May 2005 19:09:55 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <42766E55.7000007@xxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <900f397f05042811593195bab5@xxxxxxxxxxxxxx> <Pine.LNX.4.62.0504281225410.11340@xxxxxxxxxxxxxxxxxx> <900f397f0504281330637df347@xxxxxxxxxxxxxx> <Pine.LNX.4.62.0504291137590.561@xxxxxxxxxxxxxxxxxx> <900f397f05042914305022b40e@xxxxxxxxxxxxxx> <Pine.LNX.4.62.0504291522001.4465@xxxxxxxxxxxxxxxxxx> <900f397f050430090544ad824a@xxxxxxxxxxxxxx> <Pine.LNX.4.62.0505012141250.5264@xxxxxxxxxxxxxxxxxx> <20050502142412.GE7330@xxxxxxxxxxxxxxxx> <Pine.LNX.4.62.0505020834200.20512@xxxxxxxxxxxxxxxxxx> <Pine.LNX.4.62.0505021021220.20512@xxxxxxxxxxxxxxxxxx> <42766E55.7000007@xxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
hm, tcpdump from external -> eth3 of dom0 looks fine

tcpdump from exteran -> eth1 of domU = no reply

tcpdump from eth3 -> ext = fine
tcpdump from eth3->domU ... the ping says it's ok, but tcpdump shows nothing 

likewise domU->eth3 ... says it's pinging, but tcpdump shows nothing
so is what's happening here is both sides pinging the bridge, but nothing is going through? i have this in dmesg: 

device vif1.0 entered promiscuous mode
xen-br0: port 1(vif1.0) entering learning state
xen-br0: topology change detected, propagating
xen-br0: port 1(vif1.0) entering forwarding state
device vif1.1 entered promiscuous mode
xen-br1: port 2(vif1.1) entering learning state
xen-br1: topology change detected, propagating
xen-br1: port 2(vif1.1) entering forwarding state

so that looks good ...
i'm not supposed to make the domU gateway the same as the domO nic or anything am i? 

perhaps that dump information will clarify the problem ...

i hope =)

On Mon, 2 May 2005, Mark Doll wrote:


Hi Andrew!

andrew mathes wrote:

ok, so, ... brctl show shows this:

xen-br0         8000.001143fd7101       no              eth0
                                                        vif10.0
                                                        vif11.0
                                                        vif12.0
                                                        vif9.0
xen-br1         8000.001143fd7102       no              eth3
                                                        vif10.1
                                                        vif11.1
                                                        vif12.1
                                                        vif9.1

so obviously the interfaces are bound to the correct bridges, i just
can't reach any of the interfaces through the second bridge (eth0 isn't
plugged in ...)


This looks good. So since it worked for me, check if

- all interfaces are up including (the unconfigured) eth3 in domain0
- eth1 of domain10 (domain11, domain12) and the external host connected
to eth3 of domain0 are configured with the same IP subnet
- make shure that spoof protection makes no problems, so better disable
it by setting /proc/sys/net/conf/*/rp_filter to 0
- the bridge is in forwarding state? With dmesg you should see something
like

xen-br1: port 1(vif10.1) entering learning state
xen-br1: topology change detected, propagating
xen-br1: port 1(vif10.1) entering forwarding state

and so on for the other vifs

For debugging you should use something simpler than ssh. I always use
"ping" together with "tcpdump". I. e. in domain0 use "tcpdump -eni eth3
icmp or arp") to check how far the address resolution and the ping
packets go and if answers are coming in. Try this on all hosts.
Sometimes a broadcast ping, i. e. "ping -b 10.11.12.255" if your network
is 10.11.12.0/24, or "ping -I eth0 -b 255.255.255.255" if eth0 is on the
subet you wish to check, is more robust in the presence of misconfigured
IP addresses.

Mark.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] working xen domU kernel with PHYSDEV_ACCESS?, Mark Williamson
Next by Date:  [Xen-users] Memory allocation, Eric S. Johansson
Previous by Thread:  Re: [Xen-users] multiple vif's/bridges, Mark Doll
Next by Thread:  Re: [Xen-users] multiple vif's/bridges, Nivedita Singhvi
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy