| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
RE: [Xen-users] strange networking issue in xen DomU
I would guess from your logs that your DomU simply misses a
default route, so it can only send out packets to the 143.215.129.0 network.
Try adding a default route in your DomU, e.g. by calling “ip
route add default via $gateway_ip_address dev eth0”. $gateway_ip_address
should be your routing box that connects to outside networks.
From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
[mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Sarika Ray
Sent: 03 December 2008 06:19
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] strange networking issue in xen DomU
I have a xen 3.2.0 setup with 2.6.18. XenoLinux kernel and FC8 Dom0 file system. I have
used xen-tools to create a Debian-Etch DomU.
With the default setup I was not able to ping to any other host except
Dom0. I guess that was due to forward chaining issue with my Dom0. But then I
modified my iptables configuration in Dom0 to comment out the forwarding
rule that was rejecting everything. So now I am being able to ping to all the
hosts in the same L3 subnet as my DomU but not not anything other than that.
So could any please tell me what I am doing wrong? I am including some details
below. Let me know if I am missing to provide some necessary information.
**********
my DomU config file is as follows:
#
# Configuration file for the Xen instance dmvirt1.xxx, created
# by xen-tools 3.9 on Tue Dec 2 17:51:45 2008.
#
#
# Kernel + memory size
#
kernel = '/boot/vmlinuz-2.6.18.8-xen'
ramdisk = '/boot/initrd-2.6.18.8-xen.img'
memory = '128'
#
# Disk device(s).
#
root = '/dev/sda2 ro'
disk = [
'phy:/dev/DomUVols/dmvirt1.xxx-swap,sda1,w',
'phy:/dev/DomUVols/dmvirt1.xxx-disk,sda2,w',
]
#
# Hostname
#
name = 'dmvirt1.xxxx'
#
# Networking
#
vif = [
'ip=143.215.129.1xx,mac=00:16:3E:88:22:AA' ]
vfb = ['type=vnc']
#
# Behaviour
#
on_reboot = 'restart'
on_crash = 'restart'
extra = "xencons=xvc console=xvc console=tty"
*******************
*****************
Some other DomU Details
dmvirt1:~# ifconfig
eth0 Link encap:Ethernet HWaddr
00:16:3E:88:22:AA
inet addr:143.215.129.157 Bcast:143.215.129.255 Mask:255.255.255.0
inet6 addr:
fe80::216:3eff:fe88:22aa/64 Scope:Link
UP BROADCAST RUNNING
MULTICAST MTU:1500 Metric:1
RX packets:1206 errors:0
dropped:0 overruns:0 frame:0
TX packets:68 errors:0
dropped:0 overruns:0 carrier:0
collisions:0
txqueuelen:1000
RX bytes:114259 (111.5
KiB) TX bytes:10024 (9.7 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128
Scope:Host
UP LOOPBACK
RUNNING MTU:16436 Metric:1
RX packets:0 errors:0
dropped:0 overruns:0 frame:0
TX packets:0 errors:0
dropped:0 overruns:0 carrier:0
collisions:0
txqueuelen:0
RX bytes:0 (0.0 b)
TX bytes:0 (0.0 b)
dmvirt1:~# route -n
Kernel IP routing table
Destination Gateway
Genmask Flags Metric
Ref Use Iface
143.215.129.0 0.0.0.0
255.255.255.0
U 0
0 0 eth0
dmvirt1:/etc# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 143.215.129.1xx
gateway 143.215.129.1
netmask 255.255.255.0
broadcast ${broadcast}
# post-up ethtool -K eth0 tx off
#
# The commented out line above will disable TCP checksumming which
# might resolve problems for some users. It is disabled by default
#
dmvirt1:~# ping www.yahoo.com
ping: unknown host www.yahoo.com
dmvirt1:~# ping 69.147.76.15
connect: Network is unreachable
*******************
Dom0 Details
[root@kahn dev]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt
source
destination
RH-Firewall-1-INPUT all --
anywhere
anywhere
Chain FORWARD (policy ACCEPT)
target prot opt
source
destination
ACCEPT all --
dmvirt1
anywhere
PHYSDEV match --physdev-in vif17.0
ACCEPT udp --
anywhere
anywhere
PHYSDEV match --physdev-in vif17.0 udp spt:bootpc dpt:bootps
Chain OUTPUT (policy ACCEPT)
target prot opt
source
destination
Chain RH-Firewall-1-INPUT (1 references)
target prot opt
source
destination
ACCEPT all --
anywhere
anywhere
ACCEPT icmp --
anywhere
anywhere icmp
any
ACCEPT esp --
anywhere
anywhere
ACCEPT ah --
anywhere
anywhere
ACCEPT udp --
anywhere
224.0.0.251
udp dpt:mdns
ACCEPT udp --
anywhere
anywhere udp
dpt:ipp
ACCEPT tcp --
anywhere
anywhere tcp
dpt:ipp
ACCEPT all --
anywhere
anywhere state
RELATED,ESTABLISHED
ACCEPT tcp --
anywhere
anywhere
state NEW tcp dpt:ssh
ACCEPT tcp --
anywhere
anywhere
state NEW tcp dpt:http
ACCEPT tcp --
anywhere
anywhere state
NEW tcp dpt:nfs
ACCEPT udp --
anywhere
anywhere
state NEW udp dpt:nfs
ACCEPT tcp --
anywhere
anywhere
state NEW tcp dpt:https
ACCEPT tcp --
anywhere
anywhere state
NEW tcp dpt:domain
ACCEPT udp --
anywhere
anywhere
state NEW udp dpt:domain
ACCEPT tcp --
anywhere
anywhere
state NEW tcp dpt:sunrpc
ACCEPT tcp --
anywhere
anywhere
state NEW tcp dpt:telnet
ACCEPT tcp --
anywhere
anywhere
state NEW tcp dpt:cvspserver
ACCEPT tcp --
anywhere
anywhere
state NEW tcp dpts:terabase:pxc-splr-ft
ACCEPT udp --
anywhere
anywhere
state NEW udp dpts:terabase:pxc-splr-ft
ACCEPT tcp --
anywhere
anywhere
state NEW tcp dpt:teradataordbms
REJECT all --
anywhere
anywhere
reject-with icmp-host-prohibited
[root@kahn dev]# ifconfig
eth0 Link encap:Ethernet HWaddr
00:1A:A0:1B:88:E1
inet
addr:143.215.129.2xx Bcast:143.215.129.255 Mask:255.255.255.0
inet6 addr:
fe80::21a:a0ff:fe1b:88e1/64 Scope:Link
UP BROADCAST RUNNING
MULTICAST MTU:1500 Metric:1
RX packets:506521
errors:0 dropped:0 overruns:0 frame:0
TX packets:165558
errors:0 dropped:0 overruns:0 carrier:0
collisions:0
txqueuelen:0
RX bytes:423458331
(403.8 MiB) TX bytes:11964484 (11.4 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128
Scope:Host
UP LOOPBACK
RUNNING MTU:16436 Metric:1
RX packets:235929
errors:0 dropped:0 overruns:0 frame:0
TX packets:235929
errors:0 dropped:0 overruns:0 carrier:0
collisions:0
txqueuelen:0
RX bytes:36772495 (35.0
MiB) TX bytes:36772495 (35.0 MiB)
peth0 Link encap:Ethernet HWaddr
00:1A:A0:1B:88:E1
inet6 addr: fe80::21a:a0ff:fe1b:88e1/64
Scope:Link
UP BROADCAST RUNNING
MULTICAST MTU:1500 Metric:1
RX packets:553720
errors:0 dropped:0 overruns:0 frame:0
TX packets:162980
errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:434130358
(414.0 MiB) TX bytes:13050967 (12.4 MiB)
Interrupt:20
vif17.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr:
fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING MULTICAST
MTU:1500 Metric:1
RX packets:361 errors:0
dropped:0 overruns:0 frame:0
TX packets:4092 errors:0
dropped:5 overruns:0 carrier:0
collisions:0
txqueuelen:32
RX bytes:43052 (42.0
KiB) TX bytes:393229 (384.0 KiB)
[root@kahn dev]# brctl show
bridge name bridge
id
STP enabled interfaces
eth0
8000.001aa01b88e1
no
peth0
vif17.0
******************
|
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
| |
|
Home