WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] DHCP problem in privleged domU from ISP

To: "Patrick Wolfe" <pwolfe@xxxxxxxxxxxxxx>
Subject: Re: [Xen-users] DHCP problem in privleged domU from ISP
From: "Frank DiRocco" <ofanged1@xxxxxxxxx>
Date: Mon, 13 Mar 2006 16:13:38 -0500
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 13 Mar 2006 21:14:51 +0000
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=OFHpRiX3lp58+tvgMAyXZ2FkqD7XDEj4lbIUjq+/o8E32/1Sp2hpjGG3sBojuSReq6GclEUwRX4lAKwnd/SdofiOgNlXfBBwbbb3rVyEvmaiFKyEY+0hbtMFbL7P3LP/8HIhWq+BdIIrf0aoQNx0YIq72JBqXuSTIyIl0gb/QtI=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <1142282624.20086.66.camel@xxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <a7cb67200603131123q76308382ibba1c3d4f28b9019@xxxxxxxxxxxxxx> <1142279109.20086.56.camel@xxxxxxxxxxxxxxxxxxxxx> <a7cb67200603131220w23332111j15627cc4cae1985@xxxxxxxxxxxxxx> <1142282624.20086.66.camel@xxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Now Hear This. From this day forth any whom defy Patrick Wolfe will squander miserably at his feet for forgiveness! Oh great Patrick Please forgive my infidelity. I should never have doubted you!

ok seriously, you were right, a combination of "ifconfig down hw ether 00:01:29:xx:xx:xx; ifconfig eth0 up" and switching the rj-45 cables in the back of my machine got a dhcp address from my isp in no time.

On 3/13/06, Patrick Wolfe <pwolfe@xxxxxxxxxxxxxx > wrote:
I use cable modem too, and have to spoof the mac address of my old sony
laptop, which was the first machine I used on it, three years ago.

A cable modem is a passive bridge device.  It's your pc's mac address
that their DHCP server sees, not the cable modems.  Trust me on this.

On Mon, 2006-03-13 at 15:20 -0500, Frank DiRocco wrote:
> if i was not using a cable modem I would agree with you, but the cable
> modems mac address is what the isp uses. This im sure of because i
> changed the nic on the server im using now to do my routing and I
> didn't have to change anything. I'm going to set up a dhcp server
> localy and see if I get an address, after all its always some stupid
> configuration misspelling >: - P --- Thanks Patrick!
>
> oh and in the domu ifconfig shows the HW mac as 00:a0:cc:xx:xx:xx
> where as the real HW mac is 00:01:29:xx:xx:xx and this is automatic
> from xen I have not set any mac addresses.
>
> On 3/13/06, Patrick Wolfe < pwolfe@xxxxxxxxxxxxxx> wrote:
>         I'll bet your ISP will only serve IP addresses to the MAC
>         address that
>         first used their services.  The easy solution is clone your
>         current
>         internet interface's MAC address.  Find out the MAC address of
>         your
>         current debian box's internet interface, and configure that
>         exact same
>         MAC address on your domU firewall's internet
>         interface.  Another
>         solution is to call the ISP and ask them to change which MAC
>         you are
>         allowed to use.  But if you switch back, you have to call them
>         again.
>
>         As a side note, Xen has it's own assigned manufacturer's MAC
>         address
>         range - 00:16:3e:xx:xx:xx, so instead of your current mac
>         address
>         assignments aa:00:00:xx:xx:xx, you might want to consider
>         using the Xen
>         assigned range.  It probably won't break anything to use the
>         address
>         range you are using now, but somewhere down the road, you or
>         someone
>         else will be tracking down a problem, using a protocol
>         analyzer and not
>         remember that you made up that MAC address range, and won't
>         know what
>         that device is.  If you use the standard range, the protocol
>         analyzer
>         should be able to identify the manufacturer as Xen.
>
>         Good Luck!
>
>         On Mon, 2006-03-13 at 14:23 -0500, Frank DiRocco wrote:
>         > Hello again! I've got my vmware privleged domu running great
>         and a
>         > shorewall based firewall doing all the routing perfectly. so
>         i decided
>         > to use the procedure on my production server (mirrored so no
>         big deal
>         > if it goes down from time to time). the setup is exactly the
>         same as
>         > in vmware:MAC
>         >            ____________________________________
>         >            |     ___________________________            |
>         >            |     |
>         > |           |
>         > eth0----+----|        msxen0 from option-c.com
>         > |----------+------eth1 LAN
>         >            |     |          domu shorewall firewall
>         |
>         > |
>         >            |     |___eth2______________eth3___ |           |
>         >            |              |                                  |
>         > |
>         >            |              |                                  |_DMZ
>         > |
>         >            |              |
>         > |  yes this is broken on purpose so dmz access cannot reach
>         dom0
>         >            |              |
>         > |
>         >            |_______|_________________|__________ |
>         >            |
>         > |
>         >            |             dom 0 w/ dummy
>         module                    |
>         >            |    physdev_dom0_hide=(my nic interfaces)      |
>         MAC
>         >            |___________________________________ | (sorry my
>         asci
>         > stinks)
>         >
>         > as you can hopfully see dom0 only has two interfaces, dummy0
>         and
>         > dummy1. the firewall domu has 4 eth0 eth1 eth2 eth3. The
>         PROBLEM is i
>         > can not get a dhcp address from my ISP, it eventually times
>         out.
>         > Although, the exact same setup on a virtual machine inside
>         my lan,
>         > eth0 recives a dhcp address (localy) with no problems.
>         >
>         > xm list firewall (on both real server and test-server)public
>         > (vif (idx0) (vif0) (mac:aa:00:00:09:3e:fc) (vifname vif 1.0)
>         (bridge
>         > br0) (evtchn 14 4) (index 0))
>         > (vif (idx0) (vif1) (mac:aa:00:00:09:3e:fc) (vifname vif 1.1)
>         (bridge
>         > br0) (evtchn 15 5) (index 1))
>         > (vif (idx0) (vif2) (mac:aa:00:00:09:3e:fc) (vifname vif 1.2)
>         (evtchn
>         > 16 6) (index 2))
>         > (vif (idx0) (vif3) (mac:aa:00:00:09:3e:fc) (vifname vif 1.3)
>         (evtchn
>         > 17 7) (index 3))
>         >
>         > Is there anything I have to do the get the dhcp address from
>         the isp
>         > as oppesed to getting from a debian server on my lan.
>         > All comments questions and whatnot are welcomed and
>         appriciated.
>         >
>         > --
>         > Thank you,
>         > Frank  Di Rocco
>         >
>         > "Does an optimistic person look at a hard drive as half-full
>         or
>         > half-empty?" -ofanged1-at-gmail.com
>         > _______________________________________________
>         > Xen-users mailing list
>         > Xen-users@xxxxxxxxxxxxxxxxxxx
>         > http://lists.xensource.com/xen-users
>         --
>         Patrick Wolfe  ( pwolfe@xxxxxxxxxxxxxx)
>
>
>
>         -----BEGIN PGP SIGNATURE-----
>         Version: GnuPG v1.4.1 (GNU/Linux)
>
>         iD8DBQBEFcvFIibbc6631koRAqr8AKCVs
>         +KvEwD2npRB7iHVgy3EQHgnHQCgiYtU
>         mQnueDO1huydaS+8EAABmRE=
>         =urfO
>         -----END PGP SIGNATURE-----
>
>
>
>
>
> --
> Thank you,
> Frank  Di Rocco
>
> "Does an optimistic person look at a hard drive as half-full or
> half-empty?" -ofanged1-at-gmail.com
--
Patrick Wolfe  ( pwolfe@xxxxxxxxxxxxxx)



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQBEFdmAIibbc6631koRAjwNAJ9d3dBHRGLxsR4Ohu3btJO6MQbqRwCfdNKA
8TNhmUeQq2oPtFOIS47lG/U=
=+owQ
-----END PGP SIGNATURE-----





--
Thank you,
Frank  Di Rocco

"Does an optimistic person look at a hard drive as half-full or half-empty?" - ofanged1-at-gmail.com
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>