There is a lot of confusion understanding Xen networking. I've attached
two diagrams that may help explain it better for some Xen beginners. I
think I would have benefited from this information when I was just
getting started.
The first diagram shows basic xen networking when you use network-bridge
and vif-bridge scripts. The second diagram shows xen networking when
using network-route and vif-route. For beginners, I recommand starting
with bridge. I won't even try to explain the -nat scripts here.
I hope someone finds this information useful. Feel free to send me any
constructive comments, corrections or improvements.
------------------------------
When using network-bridge/vif-bridge:
when xend starts up, it runs the network-bridge script, which:
- creates a new bridge named "xenbr0"
- "real" ethernet interface eth0 is brought down
- the IP and MAC addresses of eth0 are copied to
virtual network interface veth0
- real interface eth0 is renamed "peth0"
- virtual interface veth0 is renamed "eth0"
- peth0 and vif0.0 are attached to bridge xenbr0
- the bridge, peth0, eth0 and vif0.0 are brought up
when a domU starts up, xend (running in dom0) runs the vif-bridge
script, which:
- attaches vif<id#>.0 to xenbr0
- vif<id#>.0 is brought up
------------------------------
when using network-route/vif-route:
when xend starts up, it runs network-route which:
- enabled ip forwarding within dom0
when domU starts up, xend runs (within dom0) vif-route which:
- copies the ip address from eth0 to vif<id#>.0
- brings up vif<id#>.0
- adds host static route for domU's ip address specified in
domU.sxp config file, pointing at interface vif<id#>.0
------------------------------
xen creates, by default, seven pair of "connected virtual ethernet
interfaces" for use by dom0. Think of them as two ethernet interfaces
connected by an internal crossover ethernet cable. veth0 is connected
to vif0.0, veth1 is connected to vif0.1, etc, up to veth7 -> vif0.7.
You can use them by configuring IP and MAC addresses on the veth# end,
then attaching the vif0.# end to a bridge.
Every time you create a running domU instance, it is assigned a new
domain id number. You don't get to pick the number, sorry. The first
domU will be id #1. The second one started will be #2, even if #1 isn't
running anymore.
For each new domu, xen creates new "connected virtual ethernet
interfaces", with one end of each pair is within the domU and the other
end exists within dom0. For linux domU's, the device name it sees is
named "eth0". The other end of that virtual ethernet interface pair
exists within dom0 as interface "vif<id#>.0". For example, domU #5's
eth0 is attached to vif5.0. If you create multiple network interfaces
for a domU, it's ends will be eth0, eth1, etc, whereas the dom0 end will
be vif<id#>.0, vif<id#>.1, etc.
When a domU is shutdown, the virtual ethernet interfaces for it are
deleted.
------------------------------
Additional Notes:
- you can change the bridge name from xenbr0 using:
(network-script 'network-bridge bridge=mybridge')
in xend-config.sxp and rebooting or restarting xend
- remember to configure the bridge to attach to in the
domU's config file (domu.sxp) using:
set vif=[ 'bridge=mybridge' ]
or perhaps something like:
set vif=[ 'mac=00:16:3e:01:01:01,bridge=mybridge' ]
- you can create multiple network interfaces, and attach them
to different bridges using:
set vif=[ 'mac=00:16:3e:70:01:01,bridge=br0',
'mac=00:16:3e:70:02:01,bridge=br1' ]
- if you want to use multiple bridges, you must create them
yourself, either manually, or via your own startup script,
or via a custom script to replace network-bridge. For example:
$ cd /etc/xen/scripts
$ cp network-bridge network-custom
$ cp vif-bridge vif-custom
$ vi /etc/xen/xend-config.sxp
(network-script network-custom)
(vif-script vif-custom)
$ vi network-custom
# whatever you want
- before you connect a physical interface to a bridge,
remember to reset it's mac and turn arp off. For example:
# ip link set eth1 down
# ip link set eth1 mac fe:ff:ff:ff:ff:ff arp off
# brctl addif br1 eth1
# ip link set eth1 up
------------------------------
Good Luck!
--
Patrick Wolfe
email: pwolfe@xxxxxxxxxxxxxx
network-xen-bridge.png
Description: PNG image
network-xen-route.png
Description: PNG image
signature.asc
Description: This is a digitally signed message part
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|