On Jan 16, 2006 at 2136 -0600, Daniel Goertzen appeared and said:
I observed similar problems (checksum errors) when I directly assigned
an IP address to the bridge in dom0.
My bridges have IP addresses, but the addresses are not used. Could this
be a problem?
I corrected the situation by adding vif0.0 to the bridge and assigning
the IP address to veth0. If you're using the network-bridge script
that comes with xend this all happens automatically, but I had to roll
my own solution and ran afoul.
I use xend's network-bridge script and have additional network
interfaces defined in /etc/network/interfaces. The bridges look as
xen0:~# brctl show
bridge name bridge id STP enabled interfaces
xenbr0 8000.feffffffffff no peth0
xenbr1 8000.dabb912575c8 no dummy1
peth0 and vif0.0 are from Dom0. vif19.0 and vif19.1 belong to the
firewall in the first DomU and the vif14.0 belongs to the webserver.
dummy1 is one of two dummy interfaces. A /29 network is routed to the
machine. Dom0 has the first address, eth0 inside the firewall's DomU has
the second, both use the gateway serving the /29. Neither peth0 nor
vif0.0 have IP addresses configured.
My assumption was that the first bridge xenbr0 forwards the packets to
the gateway. ICMP, TCP SYN and even TCP SYN plus data works, everything
Maybe someone can explain the background of the checksum errors.