This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] an attempt to explain xen networking

To: Patrick Wolfe <pwolfe@xxxxxxxxxxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] an attempt to explain xen networking
From: "Dirk H. Schulz" <dirk.schulz@xxxxxxxxxxxxx>
Date: Fri, 03 Feb 2006 12:21:33 +0100
Delivery-date: Fri, 03 Feb 2006 11:32:01 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <1138805838.9441.79.camel@xxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <1138805838.9441.79.camel@xxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0.7 (Macintosh/20050923)
Hi Patrick,

does this concern Xen 3 only or is it wrong? :-)

I do have a standard xen-bridged setup (xen 2.0.7), but in my case eth0 is not connected to a vif0.0 which in turn is connected to the bridge. My eth0 is directly connected to the bridge, there is no peth.0 connected to the bridge.


Patrick Wolfe schrieb:

There is a lot of confusion understanding Xen networking.  I've attached
two diagrams that may help explain it better for some Xen beginners.  I
think I would have benefited from this information when I was just
getting started.

The first diagram shows basic xen networking when you use network-bridge
and vif-bridge scripts.  The second diagram shows xen networking when
using network-route and vif-route.  For beginners, I recommand starting
with bridge.  I won't even try to explain the -nat scripts here.

I hope someone finds this information useful.  Feel free to send me any
constructive comments, corrections or improvements.


When using network-bridge/vif-bridge:

when xend starts up, it runs the network-bridge script, which:
- creates a new bridge named "xenbr0"
- "real" ethernet interface eth0 is brought down
- the IP and MAC addresses of eth0 are copied to
 virtual network interface veth0
- real interface eth0 is renamed "peth0"
- virtual interface veth0 is renamed "eth0"
- peth0 and vif0.0 are attached to bridge xenbr0
- the bridge, peth0, eth0 and vif0.0 are brought up

when a domU starts up, xend (running in dom0) runs the vif-bridge
script, which:
- attaches vif<id#>.0 to xenbr0
- vif<id#>.0 is brought up


when using network-route/vif-route:

when xend starts up, it runs network-route which:
- enabled ip forwarding within dom0

when domU starts up, xend runs (within dom0) vif-route which:
- copies the ip address from eth0 to vif<id#>.0
- brings up vif<id#>.0
- adds host static route for domU's ip address specified in
 domU.sxp config file, pointing at interface vif<id#>.0


xen creates, by default, seven pair of "connected virtual ethernet
interfaces" for use by dom0.  Think of them as two ethernet interfaces
connected by an internal crossover ethernet cable.  veth0 is connected
to vif0.0,  veth1 is connected to vif0.1, etc, up to veth7 -> vif0.7.
You can use them by configuring IP and MAC addresses on the veth# end,
then attaching the vif0.# end to a bridge.

Every time you create a running domU instance, it is assigned a new
domain id number. You don't get to pick the number, sorry.  The first
domU will be id #1.  The second one started will be #2, even if #1 isn't
running anymore.
For each new domu, xen creates new "connected virtual ethernet
interfaces", with one end of each pair is within the domU and the other
end exists within dom0. For linux domU's, the device name it sees is
named "eth0".  The other end of that virtual ethernet interface pair
exists within dom0 as interface "vif<id#>.0".  For example, domU #5's
eth0 is attached to vif5.0.  If you create multiple network interfaces
for a domU, it's ends will be eth0, eth1, etc, whereas the dom0 end will
be vif<id#>.0, vif<id#>.1, etc.

When a domU is shutdown, the virtual ethernet interfaces for it are


Additional Notes:

- you can change the bridge name from xenbr0 using:
        (network-script 'network-bridge bridge=mybridge')
 in xend-config.sxp and rebooting or restarting xend
- remember to configure the bridge to attach to in the
 domU's config file (domu.sxp) using:
        set vif=[ 'bridge=mybridge' ]
 or perhaps something like:
        set vif=[ 'mac=00:16:3e:01:01:01,bridge=mybridge' ]

- you can create multiple network interfaces, and attach them
 to different bridges using:
        set vif=[ 'mac=00:16:3e:70:01:01,bridge=br0',
                  'mac=00:16:3e:70:02:01,bridge=br1' ]

- if you want to use multiple bridges, you must create them
 yourself, either manually, or via your own startup script,
 or via a custom script to replace network-bridge.  For example:
        $ cd /etc/xen/scripts
        $ cp network-bridge network-custom
        $ cp vif-bridge vif-custom
        $ vi /etc/xen/xend-config.sxp
                (network-script network-custom)
                (vif-script vif-custom)
        $ vi network-custom
                # whatever you want

- before you connect a physical interface to a bridge,
 remember to reset it's mac and turn arp off.  For example:

        # ip link set eth1 down
        # ip link set eth1 mac fe:ff:ff:ff:ff:ff arp off
        # brctl addif br1 eth1
        # ip link set eth1 up


Good Luck!




Xen-users mailing list

Xen-users mailing list