[Xen-users] different vlans in different domU's

["Angel L. Mateo" <amateo@xxxxx>]

Hello,

I am trying to configure xen to work with the same configuration:

* I have dom0 with one ethernet interface connected to my network. This
interface (eth0) has an IP address in the vlan assigned to its port (the
"typical" configuration).

* I have a domU which ethernet interface is in the same network (and
vlan). I configure this domU as:

vif = [ '' ]
ip="<its ip>"
netmask="<its netmask>"
gateway="<its gateway>"
hostname="<its hostname>"

this domU is working perfectly. I can boot it and I can connect to its
services (for example, ssh).

* I have another domU I want it to be connected to a different vlan,
although I want to use the same ethernet physical interface.

So I want to know how do I have to configure this domU so its network
works.

In a typical configuration (without xen) I have to do:

1. vconfig add eth0 <vlan_id>: To create a virtual interface connected
to this vlan. This virtual interface will tag all sent packets with the
corresponding vlan tag.
2. Configure the interface eth0.<vland_id> with its corresponding IP
address, netmask, etc.

If a do this, I can work with the new IP, so the network switch is
correctly configured.

My problem is that I am trying to configure it (with xen) as:

1. I create the eth0.100 (for vlan id 100) interface with the vconfig
command.
2. I do an ifconfig eth0.100 up
3. I create a new brigde called xen-br100
4. I run: /etc/xen/scripts/network start netdev=eth0.100
bridge=xen-br100 antispoof=no
5. I configure the domU as:

        vif = [ 'bridge=xen-br100' ]
        ip="172.19.3.123"
        netmask="255.255.255.0"
        gateway="172.19.3.254"
        hostname="a hostname"

(this IP, netmask and gateway is the corresponding to my vlan 100).

With this configuration, network seems to work (just seems), because I
can ping to its IP address. The problem is that I can't contact with it
by udp neither tcp, just by icmp. But I run tcpdump in dom0 on the
eth0.100 interface, I can use all network functions in the domU (tcp and
udp too).

I have also check that I haven't got any filter (iptables or other) that
could filter it.

I don't know what I'm doing wrong. I'm not sure of needing another
bridge to this configuration (to work without xen, I don't need any
bridge to tag an interface). I've just followed the instructions found
in the xen howto at http://wiki.xensource.com/xenwiki/XenNetworking.

I guess this isn't an unsual configuration (having different domUs
running in the different networks and vlans), so I guess it could be
there a solution to this configuration.

-- 
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 968367590
Fax: 968398337



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users