xen-devel
[Xen-devel] Re: Qestion about the Xen network?
When I run the client from Dom0 (Fedora 8) to connect to the server running in the PV Ubuntu guest (using virbr0 as the bridge), the commands and the data captured by tcpdump are:
[root@localhost test1]# ./server 8081
root@ubuntu:~/test1# ./client 192.168.1.192 8081
agrv[1] = 192.168.1.192 Connect Error:No route to host
[root@localhost ~]# tcpdump -i virbr0 -nn
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on virbr0, link-type EN10MB (Ethernet), capture size 96 bytes
23:49:18.581878 IP 192.168.122.187.37635 > 192.168.1.192.8081: S 2526621589:2526621589(0) win 5840 <mss 1460,sackOK,timestamp 4294946904 0,nop,wscale 4>
23:49:21.577743 IP 192.168.122.187.37635 > 192.168.1.192.8081: S 2526621589:2526621589(0) win 5840 <mss 1460,sackOK,timestamp 4294947204 0,nop,wscale 4>
23:49:21.607282 IP 192.168.122.1 > 192.168.122.187: ICMP host 192.168.1.192 unreachable, length 68
23:49:21.607296 IP 192.168.122.1 > 192.168.122.187: ICMP host 192.168.1.192 unreachable, length 68
23:49:23.577759 arp who-has 192.168.122.1 tell 192.168.122.187
23:49:23.577770 arp reply 192.168.122.1 is-at fe:ff:ff:ff:ff:ff
My Dom0's iptables configuration and the server and client programs are listed below. However, I cannot find the Ubuntu PV guest's iptables configuration file; maybe it doesn't have one.
My Dom0 (fedora 8) iptables /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
The server and client programs are as follows.
/******* (server.c) ************/
#include <sys/types.h>
#include <sys/socket.h>
#include <stdio.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
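/*
 * server.c entry point: a single-threaded TCP server that listens on the
 * port given as argv[1] on every local IPv4 address (INADDR_ANY) and writes
 * a fixed greeting to each client that connects, one client at a time.
 *
 * Returns 1 on a usage error or when socket(), bind(), listen() or accept()
 * fails. The accept loop has no exit condition of its own.
 */
int main(int argc, char *argv[])
{
    int sockfd, new_fd;
    struct sockaddr_in server_addr;
    struct sockaddr_in client_addr;
    socklen_t sin_size; /* accept() takes a socklen_t *, not an int * */
    int portnumber;
    const char hello[] = "Hello! Are You Fine?\n";

    if (argc != 2) {
        fprintf(stderr, "Usage:%s portnumber\a\n", argv[0]);
        return 1;
    }

    /*
     * atoi() returns 0 for non-numeric input, so rejecting 0 also rejects
     * garbage; a value above 65535 would be silently truncated by htons().
     * NOTE(review): atoi() is declared in <stdlib.h>, which this listing
     * does not include.
     */
    portnumber = atoi(argv[1]);
    if (portnumber <= 0 || portnumber > 65535) {
        fprintf(stderr, "Usage:%s portnumber\a\n", argv[0]);
        return 1;
    }

    /* create socket descriptor */
    sockfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sockfd == -1) {
        fprintf(stderr, "Socket error:%s\n\a", strerror(errno));
        return 1;
    }

    /*
     * set sockaddr: INADDR_ANY makes the service reachable on every local
     * address, bridge interfaces included, so exposure is decided by the
     * host firewall rather than by this program.
     */
    memset(&server_addr, 0, sizeof server_addr);
    server_addr.sin_family = AF_INET;
    server_addr.sin_addr.s_addr = htonl(INADDR_ANY);
    server_addr.sin_port = htons((unsigned short)portnumber);

    /* bind to a port; pass the size of the structure actually supplied */
    if (bind(sockfd, (struct sockaddr *)&server_addr, sizeof server_addr) == -1) {
        fprintf(stderr, "Bind error:%s\n\a", strerror(errno));
        close(sockfd);
        return 1;
    }

    /* listen to the port */
    if (listen(sockfd, 5) == -1) {
        fprintf(stderr, "Listen error:%s\n\a", strerror(errno));
        close(sockfd);
        return 1;
    }

    for (;;) {
        /* accept: sin_size is in/out, so reset it before every call */
        sin_size = sizeof client_addr;
        new_fd = accept(sockfd, (struct sockaddr *)&client_addr, &sin_size);
        if (new_fd == -1) {
            fprintf(stderr, "Accept error:%s\n\a", strerror(errno));
            close(sockfd);
            return 1;
        }
        fprintf(stderr, "Server get connection from %s\n",
                inet_ntoa(client_addr.sin_addr));

        /*
         * A failed write concerns this one peer only: report it, drop the
         * connection and keep serving, so that a single misbehaving client
         * cannot make the listener exit.
         * NOTE(review): a peer that has already closed may still raise
         * SIGPIPE on this write, whose default action ends the process;
         * that is not handled here.
         */
        if (write(new_fd, hello, strlen(hello)) == -1) {
            fprintf(stderr, "Write Error:%s\n", strerror(errno));
        }

        /* over: release the per-client descriptor on every path */
        close(new_fd);
    }
}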
/******* client.c ************/
#include <sys/types.h>
#include <sys/socket.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <errno.h>
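/*
 * client.c entry point: connects to the IPv4 address in argv[1] on the TCP
 * port in argv[2], reads one chunk of data from the server and prints it.
 *
 * Returns 0 on success, 1 on a usage error, an invalid address or port, or
 * a failed socket(), connect() or read().
 */
int main(int argc, char *argv[])
{
    int sockfd;
    char buffer[1024];
    struct sockaddr_in server_addr;
    char *ip;
    char *end;
    long port;
    ssize_t nbytes; /* read() returns ssize_t */

    if (argc != 3) {
        fprintf(stderr, "Usage:%s ip portnumber\a\n", argv[0]);
        return 1;
    }

    printf("agrv[1] = %s\n", argv[1]);
    ip = argv[1];

    /* set the struct */
    memset(&server_addr, 0, sizeof server_addr);
    server_addr.sin_family = AF_INET;

    /*
     * inet_pton() accepts only a complete dotted-quad address and reports
     * failure explicitly. A bare length check plus inet_addr() would let a
     * malformed string through as the inet_addr() error value.
     */
    if (inet_pton(AF_INET, ip, &server_addr.sin_addr) != 1) {
        fprintf(stderr, "Get Ip address error\n");
        return 1;
    }

    /* Reject non-numeric text, trailing characters and out-of-range ports. */
    errno = 0;
    port = strtol(argv[2], &end, 10);
    if (errno != 0 || end == argv[2] || *end != '\0' ||
        port <= 0 || port > 65535) {
        fprintf(stderr, "Usage:%s hostname portnumber\a\n", argv[0]);
        return 1;
    }
    server_addr.sin_port = htons((unsigned short)port);

    /* create socket descriptor */
    sockfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sockfd == -1) {
        fprintf(stderr, "Socket Error:%s\a\n", strerror(errno));
        return 1;
    }

    /* request to server */
    if (connect(sockfd, (struct sockaddr *)&server_addr, sizeof server_addr) == -1) {
        fprintf(stderr, "Connect Error:%s\a\n", strerror(errno));
        close(sockfd);
        return 1;
    }

    /*
     * connected successfully: leave one byte free for the terminator.
     * Reading the full 1024 bytes and then storing '\0' at buffer[nbytes]
     * would write one byte past the end of the array when the peer sends
     * 1024 bytes or more.
     */
    nbytes = read(sockfd, buffer, sizeof buffer - 1);
    if (nbytes == -1) {
        fprintf(stderr, "Read Error:%s\n", strerror(errno));
        close(sockfd);
        return 1;
    }
    buffer[nbytes] = '\0';
    printf("I have received:%s\n", buffer);

    /* over */
    close(sockfd);
    return 0;
}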
2010/10/22 Bei Guan <gbtju85@xxxxxxxxx>
2010/10/22 Samuel Thibault <samuel.thibault@xxxxxxxxxxxx>
Bei Guan, le Fri 22 Oct 2010 22:56:29 +0800, a écrit :
> root@ubuntu:~/test1# ./server 13
> Server get connection from 192.168.122.1
>
> [root@localhost test1]# ./client 192.168.122.187 13
> agrv[1] = 192.168.122.187
> I have received:Hello! Are You Fine?
>
> I can not understand why the server just print the virbr0' IP address (it is
> xen net bridge) other than Dom0's real IP, 192.168.1.129.
Because that's the IP of the Dom0 interface from which the connection is
made. It's just the same as in a usual intranet/internet router box.
> What the relationship
> between the two IPs(192.168.1.129 and 192.168.122.1)?
None, except your dom0 has these two addresses.
> If I put server in Dom0 and the client in Ubuntu. The client can not connect to
> the server. However, I can ping Dom0's IP (192.168.1.129) successfully from
> Ubuntu. What's reason?
We can't divine, show your code / iptables configuration / tcpdump
output. The usual network stuff, actually.
Sorry, you mean the client and server code? The iptables configurations of all the Ubuntu PV and Dom0?
Samuel
server.c
Description: Text Data
client.c
Description: Text Data