WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
 
   
 

xen-users

Re: [Xen-users] xen networking on Debian with 2 nics

To: Ian fraser <ian.fraser@xxxxxxxxxx>
Subject: Re: [Xen-users] xen networking on Debian with 2 nics
From: Reiner Dassing <dassing@xxxxxxxxxxxxxxxx>
Date: Thu, 24 Nov 2005 15:38:45 +0100
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 24 Nov 2005 14:42:53 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <43858D62.4080604@xxxxxxxxxx>
Organization: BKG-Wettzell
References: <43858D62.4080604@xxxxxxxxxx>
Reply-to: dassing@xxxxxxxxxxxxxxxx
Hello Ian,

I got it working:
Dom0's /etc/network/interfaces:
----------------------------------------
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet manual
      up ifconfig $IFACE 0.0.0.0 up
      up ip link set $IFACE promisc on
      down ip link set $IFACE promisc off
      down ifconfig $IFACE down
my eth1 looks like:

auto eth1
iface eth1 inet static
        address 192.168.x.x
        netmask 255.255.255.0
        network 192.168.x.0
        broadcast 192.168.x.255
# dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 192.168.x.x 192.168.x.y
        dns-search my.domain

----------------------------------------
So I need 2 bridges (so I can get my vpn & firewall machines to allow the right traffic in/out of our network).
So I run
/etc/xen/scripts/network start bridge=xen-br1 netdev=eth1 antispoof=no
Right?
Well I modified /etc/xen/scripts/network to:
....
bridge=${bridge:-xen-br0}
netdev=${netdev:-eth0}
antispoof=${antispoof:-yes}

bridge1=xen-br1
netdev1=eth1
...
case ${OP} in
    start)
        # first bridge: the defaults (xen-br0 on eth0)
        op_start

        # second bridge: xen-br1 on eth1
        bridge=${bridge1}
        netdev=${netdev1}
        op_start
        ;;

    stop)
        op_stop

        bridge=${bridge1}
        netdev=${netdev1}
        op_stop
        ;;

    status)
        # reports the first bridge only
        show_status ${netdev} ${bridge}
        ;;

    *)
        echo 'Unknown command: ' ${OP}
        echo 'Valid commands are: start, stop, status'
        exit 1
esac


ifconfig -a shows 2 ethx and two bridges

the domU configuration looks like:

# Define network interfaces.

# Number of network interfaces. Default is 1.
nics=2

# Optionally define mac and/or bridge for the network interfaces.
# Random MACs are assigned if not given.
#vif = [ 'mac=aa:00:00:00:00:11, bridge=xen-br0' ]
vif = [ 'bridge=xen-br0', 'bridge=xen-br1' ]


And it works then.

Good luck.

Reiner


When I run tcpdump on each of the bridge interfaces I see the expected traffic for that interface.

Set up a VM with 2 nics with the following config file:
----------------------------------------
kernel = "/boot/vmlinuz-2.6-xenU-tun"
memory = 64
name = "vpn"
nics=2
root = "/dev/hda1 ro"
disk = [ 'phy:/dev/vg00/vpn,hda1,w', 'phy:/dev/vg00/vpnswap,hda2,w' ]
vif = [ 'mac=AA:00:00:07:C5:2C', 'bridge=xen-br0', 'mac=AA:00:00:07:C5:2D', 'bridge=xen-br1' ]
----------------------------------------
I start the VM up and ipconfig in the VM shows
----------------------------------------
eth0      Link encap:Ethernet  HWaddr AA:00:00:07:C5:2C
         inet addr:192.168.0.230  Bcast:192.168.0.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:858 errors:0 dropped:0 overruns:0 frame:0
         TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:76754 (74.9 KiB)  TX bytes:158 (158.0 b)

eth1      Link encap:Ethernet  HWaddr AA:00:00:01:D2:48
         inet addr:192.168.101.1  Bcast:192.168.101.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:861 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:76912 (75.1 KiB)  TX bytes:0 (0.0 b)

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
----------------------------------------
Which shows a different mac address to the one I am expecting for eth1 as per the config file!! Is this the root of my problem?

So "brctl show" in Dom0 shows:
----------------------------------------
bridge name     bridge id               STP enabled     interfaces
xen-br0         8000.0008a1349cdc       no              eth0
                                                       vif1.0
                                                       vif1.1
                                                       vif1.2
xen-br1         8000.0008a1349c9f       no              eth1
                                                       vif1.3
----------------------------------------
Which I think is ok! Can anyone confirm?

When in the VM I do a tcpdump on each of the 2 nics I see the same traffic as if both interfaces are bridged with eth0 in Dom0, this is not what I want. I have attempted reinstalling Dom0 from scratch twice and have tried building xen-testing from source but I get the same outcome. At this point I am willing to try almost anything (with the exception of running out and buying more hardware.) I attempted to look for relevant posts to this mailing list, but unfortunately I haven't found anything that appears relevant to my problem. If I have missed stuff please don't flame :)
Any help would be most appreciated.

Regards

Ian




_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
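
An added example, not part of the original thread or of Xen's own tooling: a check that reads a domU config's vif list and reports which bridge each guest interface would join, which matters when the guest is a firewall or VPN machine that must keep two networks apart. It assumes each list element defines one interface (as in the commented vif line in the reply above) and that an element without bridge= joins xen-br0; the names audit_vifs and load_settings and the second sample config are constructed for illustration.

```python
import ast

DEFAULT_BRIDGE = "xen-br0"  # assumption: default bridge, as in the network script above

def load_settings(config_text):
    """Read literal assignments from a domU config without executing it."""
    settings = {}
    for node in ast.parse(config_text).body:
        if isinstance(node, ast.Assign) and isinstance(node.targets[0], ast.Name):
            try:
                settings[node.targets[0].id] = ast.literal_eval(node.value)
            except (ValueError, TypeError):
                pass  # non-literal expression, not needed for this check
    return settings

def audit_vifs(config_text):
    """Return (vifs, findings). Each element of the vif list is ONE interface."""
    settings = load_settings(config_text)
    vifs, findings = [], []
    for i, entry in enumerate(settings.get("vif", [])):
        opts = dict(p.strip().split("=", 1) for p in entry.split(",") if "=" in p)
        if "bridge" not in opts:
            findings.append(f"vif {i}: no bridge=, lands on default {DEFAULT_BRIDGE}")
        if "mac" not in opts:
            findings.append(f"vif {i}: no mac=, a random MAC is assigned")
        vifs.append({"mac": opts.get("mac"),
                     "bridge": opts.get("bridge", DEFAULT_BRIDGE)})
    nics = settings.get("nics", 1)
    if len(vifs) != nics:
        findings.append(f"nics={nics} but the vif list defines {len(vifs)} interfaces")
    return vifs, findings

# The vif line from the question: mac= and bridge= are separate list elements.
QUESTION_CONFIG = """
nics=2
vif = [ 'mac=AA:00:00:07:C5:2C', 'bridge=xen-br0', 'mac=AA:00:00:07:C5:2D', 'bridge=xen-br1' ]
"""
# Constructed variant: one element per interface, options comma-separated.
PAIRED_CONFIG = """
nics=2
vif = [ 'mac=AA:00:00:07:C5:2C, bridge=xen-br0', 'mac=AA:00:00:07:C5:2D, bridge=xen-br1' ]
"""

if __name__ == "__main__":
    for name, text in (("question", QUESTION_CONFIG), ("paired", PAIRED_CONFIG)):
        vifs, findings = audit_vifs(text)
        print(name, [v["bridge"] for v in vifs])
        for finding in findings:
            print("  ", finding)
```

For the question's config the reported bridges line up with the brctl show output above: three vifs on xen-br0 and one on xen-br1.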

