WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] NET Network / Server running on internal Network not rea

from [Robert M. Münch] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] NET Network / Server running on internal Network not reachable
From: Robert M. Münch <robert.muench@xxxxxxxxxxxxxxx>
Date: Thu, 10 Jul 2008 23:00:45 +0200
Delivery-date: Thu, 10 Jul 2008 14:01:21 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <op.udzlyre33b5602@robby-laptop>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <op.udzlyre33b5602@robby-laptop>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Opera Mail/9.50 (Win32)
On Tue, 08 Jul 2008 21:05:05 +0200, Robert M. Münch <robert.muench@xxxxxxxxxxxxxxx> wrote:
Hi all, since several days I try to get NAT networking to work, which is driving my nuts... I don't know what to do anymore. Maybe some expert have a good tip for me. I have ready almost anything about this topic and tested most stuff, but still no luck.
I want to run a web-server on a DomU. Hence I used the normal NAT setup from xen. 

Current setup & situation

1. DomO can access the internet
2. Dom0 can access the DomU
3. DomU (10.0.0.1) can access the internet
4. DomU can access Dom0

What's not working is that I can't reach the web-server running on DomU.
Hi, answering to my own posting, I have found out something I think is the source of the problem: 


Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT tcp -- anywhere eisxen tcp dpt:www to:10.0.0.1:80
This rule should rewrite the incoming TCP packet with a new internal IP, so that the normal routing than routes it to the VM running the web-server.
But TCPDUMP shows that the packet goes into PREROUTING and than into FORWARD:
PREROUTING ENTER: IN=xenbr0 OUT= PHYSIN=peth0 MAC=00:11:6b:94:d8:ea:00:18:74:84:8c:00:08:00 SRC=153.57.18.221 DST=87.118.120.16 LEN=48 TOS=0x00 PREC=0x00 TTL=57 ID=54899 DF PROTO=TCP SPT=63149 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
FORWARD ENTER: IN=xenbr0 OUT=xenbr0 PHYSIN=peth0 PHYSOUT=vif0.0 SRC=153.57.18.221 DST=87.118.120.16 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=54898 DF PROTO=TCP SPT=37545 DPT=80 WINDOW=64240 RES=0x00 RST URGP=0
And DST=87.118.120.16 is my external static IP. I expected here DST=10.0.0.1
Than I have this error message: Performing cross-bridge DNAT requires IP forwarding to be enabled
I have searched for this but didn't found anything useful. Routing is enabled but I still think there are some problems. I'm not sure if this is the source of the problem that the IP isn't rewritten. 

Is this a known problem? Does anyone know a solution to this?

--
Robert M. Münch
http://www.robertmuench.de

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Freebsd (still) not booting in Xen HVM?, Ralf Hornik Mailings
Next by Date:  [Xen-users] Xen guests clock is exactly 2 hours before dom0 time, Ralf Hornik Mailings
Previous by Thread:  Re: [Xen-users] NET Network / Server running on internal Network not reachable, Robert M. Münch
Next by Thread:  RE: [Xen-users] NET Network / Server running on internal Network not reachable, Dustin Henning
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy