xen-users
Re: [Xen-users] Unexpected (?) bridging behavior in 2.0.7/FC4
> Hi,
>
> master@xxxxxxxxxxxxxxx wrote:
>> I've got 2.0.7 running on a machine with 1 physical interface and two
>> bridges, like so --
>>
>> bridge name     bridge id               STP enabled     interfaces
>> xen-br0         8000.0040f4ce392f       no              eth1
>>                                                         vif5.0
>>                                                         vif9.0
>> xenbr1          8000.feffffffffff       no              vif5.1
>>                                                         vif9.1
>>
>> Bridge xenbr1 does not have an IP assigned, as I want vif5.1, vif9.1 to be
>> on an "untethered" bridge so it is isolated from dom0 --
>>
>> [root@teegeeack ~]# ifconfig xenbr1
>> xenbr1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
>>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>>           RX packets:47 errors:0 dropped:0 overruns:0 frame:0
>>           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>>           collisions:0 txqueuelen:0
>>           RX bytes:1860 (1.8 KiB)  TX bytes:0 (0.0 b)
>>
>> If I run tcpdump -i xenbr1 on dom0, should I see all traffic on xenbr1
>> (vif5.1 and vif9.1)? In this case the domU on vif5.1 has IP 192.168.5.8
>> and vif9.1 has IP 192.168.5.9. If I run tcpdump on xenbr1 and ping .8, I
>> don't see any packets. If I run tcpdump on xenbr1 and ping .9, I do see
>> the packets.
>
> tcpdump should show all traffic whether the bridge has an IP or not.
> Can you tcpdump each vif and get a result that way?
> Can you tcpdump from inside the domU and get a result?
> I assume your network works correctly?
> Perhaps check for overlapping subnets?
>
>>
>> So, I suppose the question is -- is this expected? What I want is for the
>> bridge to act like a hub, not a switch, but my testing shows it's not
>> acting like either.
>
> I don't understand your meaning.
>
>> My intent is to use snort on a bridge without an IP assigned.
>
> I think that should work.
>
>> I've tried running tcpdump on the vifs in dom0 as well. Only the pings to
>> 192.168.5.9 are captured. Am I missing something?
>
> Make sure the vifs in dom0 don't have an IP assigned.
>
> tcpdumping on each vif will show traffic to/from the domU it's attached to.
>
>
> Marcus.
>
Thanks for the response Marcus.
I figured it out -- my mistake. I was pinging 192.168.5.8 and 192.168.5.9
from dom0 (IP 192.168.2.5 -- different network) which is routed to one of
the domU machines. When I tcpdump -i xenbr1 on dom0 and the traffic is
between .8 and .9, I see both machines' traffic as I would expect. I think
it's working as it should, but I've got more experimenting to do.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users