This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] network-bridge breaks networking when eth0:1 is added

On Wed, Apr 29, 2009 at 1:37 AM, Kai Schaetzl <maillists@xxxxxxxxxxxxx> wrote:
> dom0:
> brctl show
> bridge name     bridge id               STP enabled     interfaces
> xenbr0          8000.001ec9fefbab       no              eth0
>                                                        vif14.0
> xenbr1          8000.001ec9fefbac       no              eth1
>                                                        vif14.1
> ip addr list | grep "inet "
>    inet scope host lo
>    inet brd scope global eth2
>    inet brd scope global xenbr0
>    inet brd scope global xenbr1

You have an error here.
you assign eth2 and xenbr1 IPs from the same IP subnet (
and are both on, yet they're not on the
same physical network (not on the same bridge, and not connected to
the same switch/vlan).

If the interfaces are on different physical network, you need to
assign different IP subnet.  I believe this is the root cause of
problem on your setup : basic TCP/IP networking.

> ip route
> via dev xenbr1  scope link

This one should not be necessary. When you setup the ip addresses
correctly you don't need to assign this route.

> dev eth2  proto kernel  scope link  src
> dev xenbr1  proto kernel  scope link  src

The correct way to fix the problem depends on how you want things to work.

First possibilty : If you want eth2 and xenbr1 to be on the same
network, you need to REMOVE eth2's IP address and assign it as a
bridge to xenbr1, so "brctl show" should look like this

xenbr1          8000.001ec9fefbac       no              eth1

Note that this means you put eth1 and eth2 on the same physical
network. Meaning :
- If both eth1 and eth2 are connected to the same switch, this setup
has the same effect as plugging a crossover cable on two switch ports.
- If eth1 is connected to a switch and eth2 is connected to another
server via a crossover cabel, this setup has the same effect as
connecting the second server directly to the switch.

Second possibilty : if eth2 and xenbr1 is intended to be a separate
network, you need to change the IP address so they're on a different

> domU is straight forward:
> no bridge
> ip addr list | grep "inet "
>    inet scope host lo
>    inet brd scope global eth0
>    inet brd scope global eth0:1
>    inet brd scope global eth1

Again, the same question. Does domU's eth1 supposed to be on the same
network as dom0's eth1, or is it supposed to be on the same network as
dom0's eth2? Or both?

> So, just to make it clear, *this* setup with the additional route is
> working now in all directions.

Bad idea.

> I now realize that my best option is
> probably to use a different subnet each for eth1 and eth2


> Oh, and I just find that using different nets for eth1 and eth2 solves the
> problem, anyway, without a static route. Like so:
> ip route
> dev eth2  proto kernel  scope link  src
> dev xenbr1  proto kernel  scope link  src
> dev xenbr0  proto kernel  scope link  src
> default via dev xenbr0

exactly :)
So I gather you chose the second possibilty?
This would mean that dom0 and domU can communicate (through bridging
on xenbr1). But this also mean domU will NOT be able to communicate to
whatever machine connected to dom0's eth2 (a4 machine?). If you want
it you need to :
- Setup dom0 as router, OR
- create another bridge for eth2 (say xenbr2) and add another vif on
domU connected to that bridge.

I suggest you enlist the help of network admins with your setup. To
make it simpler, think of bridge as another dumb switch without vlan

Hope that helps. Good luck with your setup.



Xen-users mailing list