WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-users] network traffic can't be seen by iptables when no bridge pre

from [liang chen] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] network traffic can't be seen by iptables when no bridge presents
From: liang chen <chenlia@xxxxxxxxxxxxxxxxxx>
Date: Wed, 10 Aug 2005 12:05:01 -0400 (EDT)
Delivery-date: Thu, 11 Aug 2005 12:12:55 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
In my project, I tried to use iptables, instead of bridge, to direct
networking traffics from one VM to another in one host. What I am doing is
I delete xen-br0, and I have two VMs that have IP addresses of 10.8.0.51
and 10.8.0.52. I use

iptables -t mangle -A FORWARD -d 10.8.0.51 -j ROUTE --oif vif1.0
iptables -t mangle -A FORWARD -d 10.8.0.52 -j ROUTE --oif vif2.0

vif1.0 and vif2.0 are the virtual network interfaces of two VMs. In order
to debug the above rules, I log all the traffics:

iptables -t mangle -A PREROUTING -j LOG --log-level debug --log-prefix
"log-everything"

I ping 10.8.0.52 from 10.8.0.51 and I expect to see the traffics would be
logged. However, I can't see any corresponding traffics are logging. Only
traffics looks like :

IN=lo OUT= ip-source=127.0.0.1 ip-destination=127.0.0.1........

I use tcpdump to listen on vif1.0 and I can see the icmp requsts from
10.8.0.51 to 10.8.0.52.

I am using the kernel linux-2.6.11-xen0. Does anybody have ideas about it?
Is it because there is no bridge presenting?


thanks
liang


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] network traffic can't be seen by iptables when no bridge presents, liang chen <=
Previous by Date:  Re: [Xen-users] Maximal RAM reservation for Linux-Dom0, Jean-Christophe Guillain
Next by Date:  [Xen-users] PXE-booting Xen, Rusty Greer
Previous by Thread:  [Xen-devel] How to setup CONFIG_SCSI_SATA_VIA=y and CONFIG_SK98LIN=y on a custom xenlinux builds?, Marlon
Next by Thread:  [Xen-users] only one external ip, Nico Leidecker
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy