WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-users] bridge and iptables

from [Giuseppe Sacco] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] bridge and iptables
From: Giuseppe Sacco <giuseppe@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 12 Apr 2007 11:48:59 +0200
Delivery-date: Thu, 12 Apr 2007 02:45:28 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Organization: Lixper S.r.L.
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
Hi everybody,
I am new to the XEN world and I have a problem on a simple installation.
My machine have two network interfaces, named eth100 (DSL connection)
and eth1000 (LAN connection). I already installed a XEN kernel for a
while, using "(network-script network-dummy)" but now I created a new
image and I have to configure the network. Since I would like to have a
bridge on the eth1000 (LAN) interface, I wrote this line
in /etc/xen/xend-config.sxp:

(network-script 'network-bridge vifnum=0 netdev=eth1000 antispoof=no')

It seems to be working, since I can still access to the LAN and the
internet, but all other machines that used this machine as gateway
cannot access internet anymore.

The script I used in order to make them access internet is very simple:

#!bin/sh
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables --table nat --append POSTROUTING \
        --out-interface eth100 \
        --protocol tcp --source 192.168.215.1/27 \
        --destination '!' 192.168.215.1/27
        --jump SNAT --to-source $PUBLIC_IP

now, the script does not give any error, but the connection doesn't work
anymore.

ipconfig show these interfaces:
eth100    Link encap:Ethernet  HWaddr 00:10:A7:02:A4:79  
          inet addr:$PUBLIC_IP  Bcast:89.255.255.255  Mask:255.255.255.255
eth1000   Link encap:Ethernet  HWaddr 00:15:C5:F6:CD:9A  
          inet addr:192.168.215.1  Bcast:192.168.215.31  Mask:255.255.255.224
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
peth1000  Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF  
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
vif0.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF  
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
xenbr0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF  
          inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link

What am I missing here? Is there any problem with bridging and iptables?

Thanks,
Giuseppe

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] bridge and iptables, Giuseppe Sacco <=
Previous by Date:  RE: [Xen-users] Some Doubts regarding HVM, Petersson, Mats
Next by Date:  [Xen-users] domu under sles10, Janko Harej
Previous by Thread:  [Xen-users] XEN Error 22 Invalid Argument, Dave Durkee
Next by Thread:  [Xen-users] domu under sles10, Janko Harej
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy