WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] DOMU loses outside connection

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] DOMU loses outside connection
From: Mike & Deb Hoesing <m-d-hoesing@xxxxxxx>
Date: Mon, 18 Jul 2005 06:53:54 -0500
Delivery-date: Mon, 18 Jul 2005 11:51:47 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
When I start xen dom0  I get that same dhcp address for eth0 and for
xen-br0, dom0 can talk to the world.  If I start each of my 3 domU's
mannually, each guest gets a xen-br0 vif with a dhcp address and all 3
can talk to the outside world and each other (my "flat network").

What I want is a tiered network with the first domU acting as a firewall
with 3 nics
vif = [ 'mac=aa:00:00:aa:99:10, bridge=xen-br0', 'mac=00:00:00:aa:99:11,
bridge=xen-brDMZ', 'mac=00:00:00:aa:99:12, bridge=xen-brINT' ]
When I run the script below, the second and third domains can reach the
firewall and each other on nets 192/168/10.0/24 via xen-brDMZ and  can
reach 192.168.120/24 via xen-brINT. With forwarding and routing applied,
I can communicate to/from the 10 net and the 120 net also.

However, after running the script below the first domU loses connection
with xen-br0 and thus loses connection with the outside world.  Any
ideas on how the preserve xen-br0 connectivity?

Thanks

********************My Start Bridge  Script**************************

#!/bin/bash
#  /etc/xen/xen_start_bridges.batch
# 
# 
# enable forwarding in xen0
echo "1" > /proc/sys/net/ipv4/ip_forward
#
# disassociate old vif's if they are still arround
brctl delif xen-br0 vif1.1
brctl delif xen-br0 vif1.2
brctl delif xen-br0 vif2.1
brctl delif xen-br0 vif3.1
#
#
# add internal bridge between the Firewall guest and the
# AppDatabaseDS guest
brctl addbr xen-brINT
brctl stp xen-brINT off
ifconfig xen-brINT up
#
#
# add a bridge between the Firewall guest and the
# DMZwebserver guest
brctl addbr xen-brDMZ
brctl stp xen-brDMZ off
ifconfig xen-brDMZ up
#
#
# show what exists to verify
xm list
echo " "
brctl showmacs xen-br0
echo " "
brctl showmacs xen-brDMZ
echo " "
brctl showmacs xen-brINT
echo " "
#
# start the 3 guests
xm create /etc/xen/xm1firewall
xm create /etc/xen/xm2webserver
xm create /etc/xen/xm3idsappdb
#
# /etc/xen/scripts   run the network script 4 times to 
# associate the bridges with xend#
cd /etc/xen/scripts
# ./network start bridge=xen-br0 netdev=vif1.0 antispoof=yes
# ./network start bridge=xen-br0 netdev=vif2.0 antispoof=yes
# ./network start bridge=xen-br0 netdev=vif3.0 antispoof=yes
./network start bridge=xen-brDMZ netdev=vif1.1 antispoof=yes
./network start bridge=xen-brDMZ netdev=vif2.1 antispoof=yes
./network start bridge=xen-brINT netdev=vif1.2 antispoof=yes
./network start bridge=xen-brINT netdev=vif3.1 antispoof=yes




-- 
Mike & Deb Hoesing <m-d-hoesing@xxxxxxx>


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] DOMU loses outside connection, Mike & Deb Hoesing <=