WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
xen-users

Re: [Xen-users] Issues with Xen and iptables

On Fri, Jan 29, 2010 at 9:41 PM, Rainer Sokoll <rainer@xxxxxxxxxx> wrote:
> On Fri, Jan 29, 2010 at 09:09:23PM +0700, Fajar A. Nugraha wrote:
>
>> You might want to try changing the NAT conditions from using "-o eth2"
>> to simply using --source and --destination first, with MASQUERADE for
>> simplicity and easy debugging. A colleague had some problems a while
>> back, turned out he uses the wrong interface for "-o".
>
> If I follow your instructions, I see the natted (yeah!) packets on
> vif0.1 - but nothing on eth2 (where the default route sits) - for both
> SNAT and MASQUERADE.
> Hm, is that a step forward?

Yup, it's getting somewhere. At this point we need more detail on
what your setup looks like. I assume you use RHEL/CentOS 5 with the
default bridge setup? A "brctl show" and "netstat -nr" on dom0 would
help. Also a bit of explanation on where the packet is coming from.

vif0.1 -> that comes as a pair with dom0's eth1 (which is actually
veth1 renamed to eth1, while the real eth1 is renamed to peth1). So
assuming the packet comes from outside of dom0 (from domU or other
hosts), and dom0 does the routing, it's safe to say that you have a
routing problem: the packets go to eth1 instead of eth2.

There's another possible alternative explanation, one that's more
complicated. In this scenario you have domUs bridged on xenbr1, and
they have their own routing setup (NOT going through dom0). But from your
previous description this should not be the case.

-- 
Fajar
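A small check for the mistake discussed in this thread (a POSTROUTING NAT rule whose "-o" names an interface other than the one carrying the default route), written as an added example and not part of the original exchange. The routing table and nat rules below are constructed sample data in "netstat -nr" and "iptables-save" format; on a real dom0 you would feed in the output of those commands instead.

```shell
#!/bin/sh
# Constructed sample of "netstat -nr" on a dom0 where the default route sits on eth2.
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
203.0.113.0     0.0.0.0         255.255.255.0   U         0 0          0 eth2
0.0.0.0         203.0.113.1     0.0.0.0         UG        0 0          0 eth2'

# Constructed "iptables-save -t nat" lines: the first rule uses the wrong interface.
SAMPLE_RULES='-A POSTROUTING -s 192.168.1.0/24 -o eth1 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/24 -o eth2 -j SNAT --to-source 203.0.113.10'

# Print the interface of the default (destination 0.0.0.0, genmask 0.0.0.0) route.
default_route_iface() {
    printf '%s\n' "$1" | awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" { print $NF; exit }'
}

# Print the interface given to "-o" in one rule, or nothing if the rule has no "-o".
rule_out_iface() {
    printf '%s\n' "$1" | awk '{ for (i = 1; i < NF; i++) if ($i == "-o") { print $(i+1); exit } }'
}

# Compare every rule's "-o" interface with the default-route interface.
# Prints each mismatching rule; the exit status is the number of mismatches.
check_nat_rules() {
    want=$(default_route_iface "$1")
    bad=0
    old_ifs=$IFS
    IFS='
'
    for rule in $2; do
        oif=$(rule_out_iface "$rule")
        if [ -n "$oif" ] && [ "$oif" != "$want" ]; then
            printf 'mismatch: "%s" (default route is on %s)\n' "$rule" "$want"
            bad=$((bad + 1))
        fi
    done
    IFS=$old_ifs
    return "$bad"
}

check_nat_rules "$SAMPLE_ROUTES" "$SAMPLE_RULES"
```

The sample data reports one mismatch: the MASQUERADE rule on eth1, which is the symptom described above (NATted packets visible on the wrong interface, never on eth2).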

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
