WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] SNAT woes.

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] SNAT woes.
From: "Chris Fanning" <christopher.fanning@xxxxxxxxx>
Date: Tue, 16 May 2006 13:38:47 +0200
Delivery-date: Tue, 16 May 2006 04:39:43 -0700
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=k6zXxi6RIdY4oAAmatMKmL8XnpyprplKvaldxfg+9BIoHTMjC0TjeI8I0GiIOGLvayWgtIb5hnYtuxQdCbTDGvHIvx9C6XXDhN6B2izyyOrSl3WYSnddBz/M8Q8whJSTnViMu4jHc35CMR+1YRGet/45C4AiDnhzCCmgyZflIg8=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Hello all,

I have a SNAT question

           eth0 --- dom0 --- eth1
router --|
           eth0 --- domU --- eth1

I am running X terminales against domU.
The X terminals are on the domU-eth1 network.
when my default gateway is the router, everything works as expected.

But I want to use an ipip tunnel from both dom0 and domU
So I thought that dom0 would be my best default gateway and then set
the tunnel up on dom0.

I change the default gateway on domU to point at dom0.eth0
and on dom0
iptables -t nat -A POSTROUTING -o eth0 -s domU.eth0.ip -j SNAT
--to-source dom0.eth0.ip
This works fine. Xterminal traffic (source ip domU.eth0.ip leaves the
box from dom0.eth0.ip)

But I also have some wokstations on the Xterminal network and I'd like
to keep the source domU.eth1.ip_range when traffic goes through the
tunnel so.
on domU I change the gateway to dom0.eth1
iptables -t nat -A POSTROUTING -o eth0 -s domU.eth1.ip_range -j SNAT
--to-source dom0.eth0.ip
This doesn't work. I can't see the difference between on exaple and
the other, so why is it failing?

my /etc/xen/xend-config.sxp calls
(vif-script vif-bridge)

I hope I have explained myself ;(
any pointers please?

Thankyou.
Chris.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] SNAT woes., Chris Fanning <=