Hi, I've been bashing my head over Xen networking for about a week now,
and I'd love to get some help from the list. I've read the Wiki, the
manual, the mailing list archives, and Googled my fingers to the bone.
I'll try to describe my problem as best as I can; if I've left anything
relevant out, please let me know what you need. In a nutshell:
-The server is at a colo facility, and I have no physical access to it,
just ssh.
-I have the IP addresses A.B.94.226 through 94.230. The gateway is at
94.225.
-Dom0 is configured with A.B.94.226. I've only set up a single DomU,
with A.B.94.227. I'm using Xen's bridging scripts.
-Dom0 can ping DomU. DomU can ping Dom0. Dom0 can reach the internet and
be reached by it, but DomU cannot.
DomU's /etc/network/interfaces:
root@dom0:~# cat /etc/network/interfaces
# Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or
# /usr/share/doc/ifupdown/examples for more information.
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
# Uncomment this and configure after the system has booted for the first
time
auto eth0
iface eth0 inet static
address A.B.94.227
netmask 255.255.255.248
gateway A.B.94.225
DomU config file:
root@dom0:~# cat /etc/xen/domU
# -*- mode: python; -*-
kernel = "/boot/vmlinuz-2.6.16.29-xen"
ramdisk = "/boot/initrd.img-2.6.16-29-xen"
memory = 128
name = "domU"
vif = ['bridge=xenbr0,ip=A.B.94.227']
disk =
['phy:/dev/xenvolume/domU,sda1,w','phy:/dev/xenvolume/domU-swap,sda2,w']
netmask = "255.255.255.248"
gateway = "A.B.94.225"
hostname = "domU"
root = "/dev/sda1 ro"
Some more info from Dom0:
root@dom0:~# brctl show
bridge name bridge id STP enabled interfaces
xenbr0 8000.feffffffffff no vif0.0
peth0
vif1.0
root@dom0:~# brctl showmacs xenbr0
port no mac addr is local? ageing timer
1 00:14:85:f7:ea:67 no 0.00
2 00:19:56:5a:e9:d5 no 1.03
2 00:60:3e:0b:9c:48 no 0.00
1 fe:ff:ff:ff:ff:ff yes 0.00
dom0 xend-config.sxp:
root@dom0:~# cat /etc/xen/xend-config.sxp | grep -v "^#" | grep "[a-z]"
(xend-relocation-server yes)
(xend-relocation-hosts-allow '^localhost$ ^localhost\\.localdomain$')
(network-script network-bridge)
(vif-script vif-bridge)
(dom0-min-mem 196)
(dom0-cpus 0)
I tried a tcpdump on dom0 while pinging an outside-the-network host from
domU, here's what I get:
domU:
root@domU:~# ping -c4 4.2.2.1
PING 4.2.2.1 (4.2.2.1) 56(84) bytes of data.
>From A.B.94.227 icmp_seq=1 Destination Host Unreachable
>From A.B.94.227 icmp_seq=2 Destination Host Unreachable
>From A.B.94.227 icmp_seq=3 Destination Host Unreachable
>From A.B.94.227 icmp_seq=4 Destination Host Unreachable
--- 4.2.2.1 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time
3002ms
, pipe 3
root@domU:~# ping -c4 A.B.94.226
PING A.B.94.226 (A.B.94.226) 56(84) bytes of data.
64 bytes from A.B.94.226: icmp_seq=1 ttl=64 time=0.113 ms
64 bytes from A.B.94.226: icmp_seq=2 ttl=64 time=0.107 ms
64 bytes from A.B.94.226: icmp_seq=3 ttl=64 time=0.090 ms
64 bytes from A.B.94.226: icmp_seq=4 ttl=64 time=0.087 ms
--- A.B.94.226 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2997ms
rtt min/avg/max/mdev = 0.087/0.099/0.113/0.013 ms
Meanwhile in dom0:
root@dom0:~# tcpdump src host 66.254.94.227 -vv -a
tcpdump: WARNING: vif0.0: no IPv4 address assigned
tcpdump: listening on vif0.0, link-type EN10MB (Ethernet), capture size
96 bytes
14:57:36.016831 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:37.016795 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:38.016804 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:39.026781 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:40.026796 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:41.026795 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:54.872056 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto:
ICMP (1), length: 84) woc-2.ce.webhost.net > woc-1.ce.webhost.net: ICMP
echo request, id 30474, seq 1, length 64
14:57:55.871054 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto:
ICMP (1), length: 84) woc-2.ce.webhost.net > woc-1.ce.webhost.net: ICMP
echo request, id 30474, seq 2, length 64
14:57:56.870039 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto:
ICMP (1), length: 84) woc-2.ce.webhost.net > woc-1.ce.webhost.net: ICMP
echo request, id 30474, seq 3, length 64
14:57:57.869040 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto:
ICMP (1), length: 84) woc-2.ce.webhost.net > woc-1.ce.webhost.net: ICMP
echo request, id 30474, seq 4, length 64
14:57:59.864254 arp reply woc-2.ce.webhost.net is-at 00:16:3e:39:f0:ab
(oui Unknown)
11 packets captured
25 packets received by filter
0 packets dropped by kernel
root@dom0:~#
As you can see, when domU is trying to ping 4.2.2.1, it's sending ARP
who-has requests that apparently never get answered. When domU is trying
to ping dom0, it just pings it with no problems. So where should I start
looking for a misconfiguration? How can I troubleshoot this?
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|