WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-users] Can't access xen machines via vpn connection

from [john ewing] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] Can't access xen machines via vpn connection
From: john ewing <j.ewing@xxxxxxxxxx>
Date: Mon, 22 Mar 2010 14:44:46 +0000 (GMT)
Delivery-date: Mon, 22 Mar 2010 07:46:16 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=talk21.com; s=s1024; t=1269269086; bh=1ksprCw20j8AGeYssB0EoZVnvRW4HmvxqKJWFr8WNdw=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=ytohESpyhyCcpfzBbXjRNEf9woVod/y2JCVbGi4QqraENCyHhzwu4xdPZo1oYenXoBwT2ZDuck695V3k3GKHVgqsr8cMlWwZlL5b1bN7IPQa5I/daYKskktS/WS8wli87PTpUxrQkHh1DZu87slqHoGB0/eprign9svZHmbdKKc=
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=talk21.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=QIyuDzgVz6Iltz44L//orUjIBapE7pcLZFADlGf+MEyHYIlXCOLZFd7BBY6Hci305zWuJ6+IExwI5t5zskCebiQa0/OL0OL42dOUuyIKz0EKmfZK4liK4o3Z6p8T97yoetXlSCSwwXlXnR6qQu+lejj+Rmyc+xLLf4Wbs8LJzSk=;
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Hi,

I have a Centos based Xen server on my lan which works perfectly appart from
it appears to ignore traffic arriving over our VPN connection.

The vpn connection is via an IPCOP box which has the Zerina Open VPN package installed.
The network setup on the VPN box is
>> this is the lan interface
eth0      Link encap:Ethernet  HWaddr 00:C0:9F:0A:F2:ED
          inet addr:192.168.0.3  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5071269 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7092516 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:828541223 (790.1 MB)  TX bytes:2636364890 (2514.2 MB)
          Interrupt:20 Base address:0xecc0 Memory:fe123000-fe123038
>> this is the external internet connection
eth1      Link encap:Ethernet  HWaddr 00:02:B3:AB:8C:1C
          inet addr:10.10.10.3  Bcast:10.10.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:6544488 errors:1 dropped:0 overruns:0 frame:1
          TX packets:5350765 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2326050702 (2218.2 MB)  TX bytes:812206696 (774.5 MB)
          Interrupt:30 Base address:0xec80 Memory:fe122000-fe122038

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:91 errors:0 dropped:0 overruns:0 frame:0
          TX packets:91 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:21208 (20.7 KB)  TX bytes:21208 (20.7 KB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00                                                                             -00
          inet addr:10.89.240.1  P-t-P:10.89.240.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:260387 errors:0 dropped:0 overruns:0 frame:0
          TX packets:143080 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:329927086 (314.6 MB)  TX bytes:13037548 (12.4 MB)


I can ping and connect to any other machine on the LAN subnet (192.168.0.x) but when I try to contact
either Dom0 192.168.0.4 or one of the DomU VMs 192.168.0.6 I just get "Request Timeout for icmp_seq"
I can ping these ips from within the LAN no problem, and I have tried completely disabling the firewall on the DOM0 machine
but it makes no difference.

Any help appreciated

Cheers

John.


The network setup on the xen server is
#ifconfig
eth0      Link encap:Ethernet  HWaddr 00:02:B3:CA:0B:0E
          inet addr:192.168.0.4  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::202:b3ff:feca:b0e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7739767 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5355591 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:627301593 (598.2 MiB)  TX bytes:399085564 (380.5 MiB)

eth1      Link encap:Ethernet  HWaddr 00:C0:9F:21:FE:1D
          inet addr:10.10.10.29  Bcast:10.10.10.255  Mask:255.255.255.0
          inet6 addr: fe80::2c0:9fff:fe21:fe1d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:15970 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4296 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:8628848 (8.2 MiB)  TX bytes:365795 (357.2 KiB)

lan       Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:1002013 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:119949040 (114.3 MiB)  TX bytes:0 (0.0 b)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3008 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3008 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:411818 (402.1 KiB)  TX bytes:411818 (402.1 KiB)

peth0     Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:104108735 errors:0 dropped:0 overruns:0 frame:0
          TX packets:124569365 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3045586779 (2.8 GiB)  TX bytes:4121122264 (3.8 GiB)

peth1     Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:4445260 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2063177 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1293307650 (1.2 GiB)  TX bytes:868202984 (827.9 MiB)
          Base address:0xecc0 Memory:fe120000-fe140000

vif0.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:5355637 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7739790 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:399092840 (380.6 MiB)  TX bytes:627302973 (598.2 MiB)

vif0.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:92497 errors:0 dropped:0 overruns:0 frame:0
          TX packets:175446 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:10660969 (10.1 MiB)  TX bytes:155208263 (148.0 MiB)

vif2.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:95670639 errors:0 dropped:0 overruns:0 frame:0
          TX packets:106452505 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:1428673350 (1.3 GiB)  TX bytes:3730955382 (3.4 GiB)

vif2.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:1928227 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1763740 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:827725678 (789.3 MiB)  TX bytes:990494758 (944.6 MiB)

virbr0    Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:46 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:9622 (9.3 KiB)

wan       Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:58395 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:5527685 (5.2 MiB)  TX bytes:0 (0.0 b)

#brctl show
bridge name     bridge id               STP enabled     interfaces
lan             8000.feffffffffff       no              vif2.0
                                                        peth0
                                                        vif0.0
virbr0          8000.000000000000       yes
wan             8000.feffffffffff       no              vif2.1
                                                        peth1
                                                        vif0.1



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Trying to clone one client to another host, but would like to configure the LVM disc aforehand, Pasi Kärkkäinen
Next by Date:  Re: [Xen-users] XCP how to import ISO, Outback Dingo
Previous by Thread:  [Xen-users] Trying to clone one client to another host, but would like to configure the LVM disc aforehand, J4
Next by Thread:  Re: [Xen-users] Can't access xen machines via vpn connection, Luca Sironi
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy