WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
 
   
 

xen-users

[Xen-users] XEN, VLANs and network problems

To: xen-users <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-users] XEN, VLANs and network problems
From: Stephan Seitz <nur-ab-sal@xxxxxx>
Date: Fri, 20 Jul 2007 16:11:28 +0200
Organization: Minas Tirith, Gondor
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.16 (2007-06-11)
Hi!

I’m trying to expand a XEN environment. The hardware has two NICs joined together by the bonding driver. All traffic between the switch and the bond0 interface has VLAN tags.

At the beginning I had only DomUs in two VLANs which I configured in the following way:
- I created dummy vlan interfaces without IP address;
- I created bridges with one connection to the dummy vlan interfaces;
- the VIFs of the DomUs were configured to attach to the given bridge.

With this the DomUs will only see the untagged traffic of their networks.

Debian-Example:
/etc/network/interfaces:
[snip]
auto vlan10
iface vlan10 inet manual
        vlan-raw-device bond0
auto xenbr10
iface xenbr10 inet manual
        bridge_ports vlan10
        bridge_maxwait 0
[snip]

Everything worked as planned, but now I have a DomU needing more than three NICs (and I will need another DomU needing 9). I realized that XEN supports only three virtual NICs.

What to do now?
I tried to create a new bridge directly attached to bond0:
auto xenbrefw0
iface xenbrefw0 inet manual
        bridge_ports bond0
        bridge_maxwait 0

and using VLANs within the DomU. But this did not work at all. Trying to ping a host outside the XEN environment but in the same network from this DomU, I can see ARP requests going to the target host (sniffing at bond0). The target host is receiving the ARP requests and answering them, but I can’t see the ARP replies at the bond0 interface, so the DomU doesn’t see any answers either.

The question is why? How can I configure this situation correctly?

Another problem is that the new DomU directly attached to bond0 would see more networks than it should. How can I restrict this? Could I use ebtables to filter allowed VLANs between bond0 and the xenbrefw0?

Any help in this matter is appreciated.

Shade and sweet water!

        Stephan

--
| Stephan Seitz                    E-Mail: Nur-Ab-Sal@xxxxxx |
| PGP Public Keys: http://fsing.rootsland.net/~stse/pgp.html |
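
Added example, not part of the original message or of any Xen tooling: one way to express the per-guest VLAN allowlist the message asks about, as a function that prints ebtables rules for review instead of applying them. The interface name vif5.0 and the VLAN IDs 10 and 20 are constructed placeholders, and it is an assumption that the tagged frames cross the bridge where ebtables can match them.

```shell
#!/bin/sh
# Added example: print (do not apply) ebtables rules that limit one guest's
# bridge port to an allowlist of 802.1Q VLAN IDs.
# Assumptions: the backend interface name and the VLAN IDs are placeholders;
# only bridged traffic (the FORWARD chain) is covered.

vlan_allowlist_rules() {
    vif=$1
    [ "$#" -ge 2 ] || { echo "usage: vlan_allowlist_rules VIF VLAN_ID..." >&2; return 2; }
    shift
    # Refuse names that could smuggle options or shell syntax into the output.
    case $vif in
        ''|-*|*[!A-Za-z0-9._-]*) echo "invalid interface name: $vif" >&2; return 1 ;;
    esac
    # Validate every ID first so a bad argument never yields a partial rule set.
    for id in "$@"; do
        case $id in
            ''|0*|*[!0-9]*|?????*) echo "invalid VLAN ID: $id" >&2; return 1 ;;
        esac
        [ "$id" -le 4094 ] || { echo "VLAN ID out of range (1-4094): $id" >&2; return 1; }
    done
    for id in "$@"; do
        # Tagged frames the guest sends (-i) and receives (-o) on an allowed VLAN.
        echo "ebtables -A FORWARD -i $vif -p 802_1Q --vlan-id $id -j ACCEPT"
        echo "ebtables -A FORWARD -o $vif -p 802_1Q --vlan-id $id -j ACCEPT"
    done
    # Everything else on this port, including untagged frames, is dropped.
    echo "ebtables -A FORWARD -i $vif -j DROP"
    echo "ebtables -A FORWARD -o $vif -j DROP"
}

# Constructed sample: a guest on vif5.0 that may use VLANs 10 and 20.
vlan_allowlist_rules vif5.0 10 20
```

Frames exchanged between the guest and an address on the bridge itself pass through the INPUT and OUTPUT chains and are not matched by these FORWARD rules.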
