WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-users] xen bridge and NAT

from [Christian Lyra] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] xen bridge and NAT
From: "Christian Lyra" <lyra@xxxxxxxxxxxxx>
Date: Mon, 12 Nov 2007 23:47:14 -0200
Delivery-date: Mon, 12 Nov 2007 17:48:18 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; bh=FbLM7wkYKpdehdr6K9devD7jPjB5lzQV1BkZ2QqKv5M=; b=ImUG5s/eN61zOwdOu4zgZ6M3p/e8Ouz/xpVYEOU0Uf4XWZ9ccLdW1CHCYQYsNVPGYy5KtROIeErzT/n/BKqvFsw6h+CValOy1yVgyZawr4opbOMXJdvyEDzYwlxX9PeXy02BsoUq0FploDPaaSxwfCZ4ZcQxpTtOc6twTzAeMjo=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; b=ix0V4lFPoRwVbmWd5rHpJkPALZLixldt0Aeq5LJrjuoAb721MlvNnuSiLQfJEaLka2HKVzA/Svr1xgZ6Da7uUhFwE33tbyw/guA2TdMgyh03zBxkP4Ng7IhgXlG5LI6rYEaowS52B6LHQSRaZAaoVr8s028MRxNyZ3DTvztbOUY=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
Hi,

I´m trying to setup the following scenario:

<intranet> ------------------->|    xen bridge=intranet |   eth1    |
-------> <internet>
<virtual_machines> ------>|           netdev=eth0      |   <nat>  |

I mean, I have a xen machine with two nics, one connected to a
intranet and the other to the internet. As I want virtual machines and
real intranet machines on the same network I´m using the xen bridge
scripts to create a bridge called "intranet". This work as expected
and virtual machines, real machines and xen can all "see" and ping
each other. But xen is not NATing the packets sent to internet! I can
see the packets coming out unnated.

The relevant configs:

/etc/xen/xend-config.sxp

(network-script 'network-bridge netdev=eth0 bridge=intranet')
(vif-script vif-bridge)

/etc/network/interfaces

auto eth0
iface eth0 inet static
        address 10.0.0.254
        netmask 255.255.255.0

auto eth1
iface eth1 inet static
        address 192.168.0.22
        netmask 255.255.255.0
        gateway 192.168.0.1

/etc/network/nat.sh

#!/bin/sh
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward


A tcpdump -n -i eth1 shows packets coming out unnated.  Is this
expected? is there a way to make this work as expected?

-- 
Christian Lyra
PoP-PR/RNP

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] xen bridge and NAT, Christian Lyra <=
Previous by Date:  [Xen-users] Release: VMKNOPPIX for X86/X86_64 with Xen3.1.1, KVM48, UML, QEMU, VirtualBox, Kuniyasu Suzaki
Next by Date:  Re: [Xen-users] Best Distro for Xen, Fajar A. Nugraha
Previous by Thread:  [Xen-users] Release: VMKNOPPIX for X86/X86_64 with Xen3.1.1, KVM48, UML, QEMU, VirtualBox, Kuniyasu Suzaki
Next by Thread:  [Xen-users] software raid (mdadm) with a local partition and a nbd device., Tomoki Taniguchi
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy