WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] Firewall problem resolved - cannot set up networking in domU

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] Firewall problem resolved - cannot set up networking in domU
From: Eric E <whalesuit@xxxxxxxxxx>
Date: Wed, 18 May 2005 15:22:07 -0400
Delivery-date: Wed, 18 May 2005 19:20:05 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
Hi James,
Many thanks for your quick reply, and for the help. I'm now able to see the dom0 machine from the network, but I can't seem to get into our out of dom1. I can't see any IP addresses on my network such as 192.168.1.10 from within dom1, nor can I ping the machine's address from dom0 or elsewhere on the network.

My dom1 is a just a copy of the partition of the root partition of Suse9.2 used for dom0

In my domain configuation file for dom1, I've tried the following for the vif:
1) vif= ['mac=00:xx:xx:xx:xx:xx, bridge=xen-br0']
2) vif= ['mac=00:xx:xx:xx:xx:xx, bridge=xen-br0, ip=192.168.1.25']
3) vif = ['bridge=xen-br0']
4) nothing (commented out)

In dom0, the eth0, vif, and xen-br0 interface are all up and running. After fooling around with other options, I removed the eth0 interface from my domU, which seems to have been a bad idea, because now I'm not sure what module to use for an eth0 device. Prior to this, I noticed that there was no xen-br0 device in dom1, just dom0.

Any ideas?

Thanks,

Eric

James Bulpin wrote:

Eric,

Use yast, or your favourite firewall configurator, to add a custom named
interface of "xen-br0" to the same security zone as eth0.
If that doesn't do the trick, please post the output of the following
command in dom0:

iptables -v -L
iptables -v -L -t nat

James

On Tue, 2005-05-17 at 23:08, Eric E wrote:
Hi all,
    I'm just getting started with Xen, and having some problems with
networking. I installed Xen 2.0.5 from the Suse 9.2 binaries, and have been able to boot a domain fine. I'm hoping to make two domains and give them static IP addresses (e.g. 192.168.1.25 and 192.168.1.26) - nothing fancy.

When I start the xend service, however, xen's network script deletes all
routes associated with eth0, and associates them with xen-br0.
Thereafter I cannot ping or ssh to the machine from any external
machines.  My attempts to delete and recreate routes:

     route del -net 192.168.1.0 netmask 255.255.255.0
    route add -net 192.168.1.0 netmask 255.255.255.0 eth0
    route del default gw 192.168.1.1
    route add default gw 192.168.1.1 eth0

have been ineffective so far.  When I run the xen network script:
network stop bridge=xen-br0 netdev=eth0
I get connectivity back.

Does anyone have any recommendations for quickly setting up my
routing/bridging to make my two virtual domains available form my network?

Thanks,

Eric


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users





_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] Firewall problem resolved - cannot set up networking in domU, Eric E <=