WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
xen-users

[Xen-users] Xen and OpenVPN

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] Xen and OpenVPN
From: Kai Wembacher <kai@xxxxxxxxxxxxx>
Date: Sun, 13 Aug 2006 22:12:16 +0200
Hi,

I have some problems with my OpenVPN server in a Xen DomU. OpenVPN works fantastic, but there's a problem connecting other DomUs on this server.

I have the following iptables rule to forward the requests to the internet.

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j MASQUERADE

This works fine. I can connect to other DomUs on the same server but they can't answer the request.

On the other DomUs I've deleted the route to the subnet all DomUs are in. So all traffic goes through the internet gateway in the datacenter and then back to my server with Xen.

So I have the following two routing ways:

OpenVPN Client ---> tap0 OpenVPN Server (DomU 1) ---> xenbr0 (I think) ---> DomU 2
This doesn't work ... I can connect to DomU 2 but it seems that DomU 2 can't answer this request. (I tried to connect to the SMTP-Server using telnet. The connection is logged but I don't get any answer from the SMTP-Server.)

OpenVPN Client ---> tap0 OpenVPN Server (DomU 1) ---> xenbr0 (I think) ---> DomU 2
DomU 2 ---> xenbr0 ---> peth0 ---> Internet Gateway (Datacenter) ---> peth0 ---> xenbr0 ---> DomU 1 ---> tap0 ---> OpenVPN Client
This works fine but it is not the best solution.

I hope you can help me.

Best regards,
Kai Wembacher
