WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] troubles with networking on a Xen machine

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] troubles with networking on a Xen machine
From: Mayer <chef@xxxxxxxxxxxxxxx>
Date: Tue, 18 Apr 2006 00:13:01 +0200
Delivery-date: Tue, 18 Apr 2006 03:03:17 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0.7 (X11/20051013)
Hello,

we setup a Xen server (Version 3.0.1) with four domains:
router (iptables routing to the outside world) 192.168.100.251(intbr) 192.168.99.2 (extbr) 192.168.101.1 (dmzbr)
netserver (DHCP, DNS, NIS, TFTP) 192.168.100.252
fileserver (NFS, Samba) 192.168.100.253
dmzserver (apache) 192.168.101.2

and three bridges:
intbr (connected to router fileserver and netserver and to the internal (save) network eth1)
extbr (connected to router and the unsave external network eth0)
dmzbr (connected to router and dmzserver)

Now we encountered the following problem: it is not possible to access a TCP/UDP service from one domain to another. From another machine, it is possible to access for example DNS. From domain0 it ist not possible to access any service running inside a unpriviledged domain (tested with nslookup - 192.168.100.252). If we do the same from another computer ist works fine.
Pinging is always possible.
It is also not possible to access services inside upriviledged domains from unipriviledged domains. There are no firewalling rules which block that. The IP setup is correct, ping works. We encoutered the error messages "ip_local_deliver: bad skb: PRE_ROUTING LOCAL_IN LOCAL_OUT POST_ROUTING" on the consoles of all domains. Again: From a computer outside the access to the services running on the domains works fine.

Any hints?

Best regards
Florian Mayer, Mayer Electronics


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] troubles with networking on a Xen machine, Mayer <=