WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] network (NAT?) problem

from [James Bulpin] [Permanent Link][Original]
To: Markus Lude <lude@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [Xen-users] network (NAT?) problem
From: James Bulpin <james@xxxxxxxxxxxxx>
Date: Thu, 23 Jun 2005 10:55:11 +0100
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 23 Jun 2005 09:54:20 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20050622163343.GA29211@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <20050622163343.GA29211@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0.2 (Windows/20050317) 
Markus,
You say the routing of packets between dom2 and dom0 doesn't work as intended - can you elaborate on this, i.e. where do packets get to, do you see them if you tcpdump eth1 and eth0 in dom1?
Do you have any IP tables rules in dom0 that would affect packets on xen-br1? 

Can you post the following for all domains:
 - iptables details (both nat and filter tables)
 - routing tables
 - ifconfig
 - cat /proc/sys/net/ipv4/ip_forward

And brctl show for dom0.

Thanks,

James

Markus Lude wrote:

Hello,

my current network setup looks like the following:

    dom2-eth0 (172.30.1.22) netmask /24
        |
        | xen-br1 (no ip)
        |
    dom1-eth0 (172.30.1.21) netmask /24
    dom1-eth1 (172.30.0.21) netmask /24
        |
        | xen-br10 (172.30.0.1) netmask /24
        |
      dom0
        |
        | xen-br0 (normal IP)
        |
       eth0 (same IP as xen-br0)
        |
        |
       LAN

Basically I want to route all traffic between dom0 and dom2 through dom1.
This does work as intended.
I further would like to have access to the LAN from dom1 and dom2 through
NAT in dom0. It works for dom1, but not for dom2. The addresses of packets
from dom2 were not changed (noticed with tcpdump -n -i eth0 in dom0).

In dom0 NAT is set up with:
  iptables -t nat -A POSTROUTING -s 172.30.0.0/16 -o xen-br0 -j MASQUERADE

If I leave out the -s parameter nothing changes.

I'm running debian sarge in all doms and xen-2.0.6.

Any suggestions? What am I missing?

Regards,
Markus Lude


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-users] kernel debugging using Xen, Vishal Patil
Next by Date:  [Xen-users] About using LVM, Miguel Gómez
Previous by Thread:  [Xen-users] network (NAT?) problem, Markus Lude
Next by Thread:  Re: [Xen-users] network (NAT?) problem, Markus Lude
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy