WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] can't add vlans successfully

To: "Fajar A. Nugraha" <fajar@xxxxxxxxx>
Subject: Re: [Xen-users] can't add vlans successfully
From: Zhang Li <cindy.zhangli@xxxxxxxxx>
Date: Tue, 11 Aug 2009 18:39:59 +0800
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 11 Aug 2009 03:40:40 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=Inwx77mmbGOitreoXIN4AB2ZdKqkVn2egwNCx5uRo1M=; b=VOuEtcrUL8rXpeud+GN4+R8j6Tc/bg8eZRg7nQRybWYN9r7c5QZ4CKBrztabCRaBba mHFbXGgZVolIxcu5Sx+gmInGaPUYMBLoYvoWttECxFMTymgPXQaAn3h9ZdDioT6w/E3P gMAC9d11XVjBx2b9GTMsAXkbSXbfZWlx6IBwk=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=eh3B/Hjm1YTSPY3bKj9ycrygeJlyrUatDLmoQ+y2zaVztOTWnyK3CVR2q9YbMe8PcX Oll7Bgh89ih+z4OwCpN6f5v0mQt0Q778lIwYjpkDH8UqtVJh7hZxcdoXWbjSl1n0LBkN BRiQYcCycyJMhOPhdxx3W3nIrFBcBcZivazsw=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <7207d96f0908110246w1c7350c9t80e8cd365184e83@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <790b14c90908102056o3a091803w793b4e861584da57@xxxxxxxxxxxxxx> <7207d96f0908102146t40548690s2a1d1fbc068f1c3f@xxxxxxxxxxxxxx> <790b14c90908110231j4d848b32r9a0f49ea6749f63e@xxxxxxxxxxxxxx> <7207d96f0908110246w1c7350c9t80e8cd365184e83@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
On Tue, Aug 11, 2009 at 5:46 PM, Fajar A. Nugraha<fajar@xxxxxxxxx> wrote:
> On Tue, Aug 11, 2009 at 4:31 PM, Zhang Li<cindy.zhangli@xxxxxxxxx> wrote:
>> Hi, Fajar
>>
>>> After that, I'd test whether vlan works before throwing in bridge and
>>> Xen to mix. For example, I'd create eth0.100 on top of eth0, and test
>>> it. If it works, I create br100 on top of eth0.100 and move the IP
>>> address to br100. After it works, I tell domU to use br100 as bridge.
>>
>> I tried the way you told me, every thing is OK. eth0.100 works, br100
>> works and I tell domU to use br100.
>> And then assign one IP ADDRESS to it. it can't ping the address of
>> outside internet.
>
> OK one at a time :D
> By "br100 works", does that mean if you put IP address on that
> interface, you can access outside world (or at least other hosts also
> located on vlan100)?
>

yes. br100 can access outside world. Does it means vlan is ok? And the
domainUs in the same vlan can communicate.

> By "And then assign one IP ADDRESS to it. it can't ping the address of
> outside internet.", does that mean you put IP address on domU but it
> can't access anywhere? If yes, do a ping from domU and a tcpdump on
> br100 and eth0.100, see which packets are missing (does arp receives
> no reply? or is it only the icmp echo/reply gone missing)

yes. arp receives no reply. And ICMP echo/reply gone missing.
I think they can connect each other in the same vlan within the same
IP subnet .
if it connect to outside, it should need router. I don't know XEN
whether can do this.

>
> Another thing to check. Are you using old broadcom NIC with tg3
> driver? If yes, it's probably firmware problem. On one of my machines
> I can't get bridging to work until I updated its firmware.
>
>>
>> Another question, does the domain U must need the 8021Q? When one
>> DomainU send one frame to another, will the bridge add the tag to the
>> frame with 8021Q?
>>
>> I have some experiment here:
>>
>> If domain U use the 8021Q module, it will add the tag to the frame by
>> itself and the vlan is setup, bridge doesn't need to add tag. But if
>> domain U doesn't use 8021Q module, I think the bridge will add the tag
>> to the frame, the problem of I have told still exists.  I am confused.
>
> I'm not sure I understand your question. However you can do these:
> Scenario 1: you can have eth0, create a bridge on top of it, share it
> it domU, and do vlans in domU. It will work if you do NOT create the
> same vlan on dom0 (e.g. do not create eth0.100 on dom0, create it only
> on domUs). You may also need to set
> /proc/sys/net/bridge/bridge-nf-filter-vlan-tagged to 0 (not quite sure
> about this, as it has been a long time since I pass a trunk :P). From
> domU perspective this is similar with connecting to a switch using a
> trunk port.
>
> Scenario2: you can do vlans on dom0, create a bridge for each vlans,
> and tell domU to use the bridge. From domU perspective this is similar
> with connecting to a switch using an access port.
>

I think we are saying the same thing.
But I am not familar with the bridge of XEN, I don't know whether it
can implement the trunck link.
For Scenario2, either domain0 or domainU don't need the 8021Q. am I right?

> --
> Fajar
>



-- 
Best regards
--Li

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users