WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Multiple IPs in a domU (I am using static macs)

I finally have the problem fixed. It turns out the issue was caused by my colo giving me the wrong gateway IP address. Which is interesting - because it let the VMs connect to the outside world, but coming back in, the gateway didn't like it.

Obviously not a Xen problem. Sorry guys!


Dan Parsons


On Feb 26, 2007, at 2:59 PM, Tom Brown wrote:

On Mon, 26 Feb 2007, Dan Parsons wrote:

Tom, thanks for replying. I started off doing the simple eth0:1 eth0:2 method. It didn't work - no traffic to the aliased IPs came in. eth0 would work but not eth0:1 or eth0:2. The outside world couldn't ping them, though the outside world could ping eth0. I would very much prefer to use aliases and not separate interfaces.

I haven't done any big config changes, nothing to xend conf or bridge scripts or anything like that. domU eth0 works fine from outside world, domU eth0:1 does not.

I really appreciate the help, I'm under the wire here and have to get this going :(

You're going to have to sniff this one through... it's not something I can diagnose from a few links of a config file. You've got something "in the way", and you're going to need to find it. The obvious first question is can you ping the alias from dom0 ? From another domU? From other physical machines on your network. From outside your network (you've said no to this).

the best test platform would be another physical linux machine on the same network. What does arp -a say? Does it show incomplete?

? (192.168.99.21) at <incomplete> on eth0

at least that tells you that routing is ok and your box is trying to arp the requested IP address. If not, then routing is broken and xen isn't relevent (and it probably isn't).

Leaving tcpdump running in the target domU looking for arp packets may help as well... you can also look in dom0 at both the virtual eth0 interface and the bridge device itself which corresponds to the physical hardware... I believe the names have changed between xen versions.

That should give you something to chew on. By the time ARP returns a real mac address you should be damn close. If arp works but ping doesn't, then routing is broken somewhere (probably the return direction).

-Tom


Xen 3.0.3 on fc6; here's my domU conf:


# Automatically generated xen config file
name = "ns"
memory = "128"
disk = [ 'phy:vg0/VM_ns,xvda1,w' ]
vif = [ 'bridge=xenbr1, mac=00:16:3E:6A:24:16' ]

nographic=1
uuid = "8141e049-0168-2bae-9d8d-b471220520ad"
bootloader="/usr/bin/pygrub"
vcpus=1
on_reboot   = 'restart'
on_crash    = 'restart'



Dan Parsons


On Feb 26, 2007, at 2:34 PM, Tom Brown wrote:

On Mon, 26 Feb 2007, Dan Parsons wrote:
> Thanks for the suggestions. Did something I say make you think I'm using > a HVM? I'm using a plain old paravirtualized VM here. Does this change > any of your suggestions? > > My worry about the ping fix is that if there is no traffic on that IP for > a long time, the arp record created by the ping will die. And then the > router issues another arp who-has, and we have the same problem. Indeed,
what problem?
I use IP aliases in domUs all the time and have no trouble.
> it looks as if Xen is ignoring who-has requests for eth1's IP.... Also, > how can it be upstream when the eth0 ip works just fine? It's just eth1's > ip that's bad. What is xen doing to make eth0 work, that it's not doing > for eth1? And why? why are you creating multiple interfaces if you don't want them on separate networks/bridges? Just use aliases of eth0
e.g.
ifconfig eth0:1 192.168.1.1
ifconfig eth0:2 192.168.1.2
...
obviously I'm joining the thread late, so my apologies if there
is a clear issue I've missed.
-Tom
-------------------------------------------------------------------- --
tbrown@xxxxxxxxxxxxx   | Courage is doing what you're afraid to do.
http://BareMetal.com/ | There can be no courage unless you're scared.
|  - Eddie Rickenbacker
> > Thanks
> Dan Parsons
> > -----Original Message-----
> From: Tim Post <tim.post@xxxxxxxxxxxxxxx>
> Date: Mon, 26 Feb 2007 19:30:21
> To:dparsons@xxxxxxxx
> Subject: [QUAR] Re: [Xen-users] Multiple IPs in a domU (I am using static > macs)
> > On Mon, 2007-02-26 at 10:18 +0000, Dan Parsons wrote:
> > Thank you, but I actually am using statically defined MACs in the domU > > config.. > > So I don't believe what you said applies. Please correct me if I'm > > wrong. > > Ah no, you're right I had a brainfart. Mac was staring right at me in
> your config file.
> > > Do you have further suggestions?
> > I haven't run into this, but only a few of my guests are HVM. You could
> try a couple of things.
> > If you are using Xen's network-bridge script to bring up your bridges, > try letting init do it and use a network-dummy script in its place, play
> with the bridge settings and see if it helps.
> > forward delay, helo, maxwait, should be set to 0. I am not entirely sure
> that they are set to 0 by default by brctl.
> > Or a quick fix, call ping during the boot process on the guest slightly > modifying the init strings until you can rule out exactly what the issue
> is.
> > I'm tending to lean in the direction of something upstream, though.
> > Best,
> --Tim
> > > Dan Parsons
> > > > -----Original Message-----
> > From: Tim Post <tim.post@xxxxxxxxxxxxxxx>
> > Date: Mon, 26 Feb 2007 18:05:53
> > To:Dan Parsons <dparsons@xxxxxxxx>
> > Cc:xen-users@xxxxxxxxxxxxxxxxxxx
> > Subject: [QUAR] Re: [Xen-users] Multiple IPs in a domU
> > > > On Sun, 2007-02-25 at 21:54 -0800, Dan Parsons wrote:
> > > I've been trying to make multiple public IP addresses work in a domU, > > > and have been unable to do it. I've tried every method mentioned in > > > the xenu-users archive as well as through a lot of stuff mentioned in
> > > google.
> > > > > Then the IP works. So,
> > > it's a MAC/ARP issue.
> > > > Most cisco routers take up to ~9 minutes to re-arp these changes. > > Static
> > MACS must be used.
> > > > You could tri arping'ing the gateway just specifying the address and > > interface (i.e. eth0:1) or pass a -U. This should trick the router into
> > doing it.
> > > > The best way, use static macs when bringing up the vifs within the > > dom-u. Remember, you can have only 3 physical eth devices within a
> > guest, as far as I know this limitation has not yet increased.
> > > > So, its much easier to bring them up as vifs from within the dom-u
> > itself, just specify macs for each one.
> > > > > But why isn't the MAC for eth1 being announced?
> > > > It is. apring is being called each time its brought to an up state to > > make sure the IP does not already exist on the network. You either have > > to wait 10 minutes, send traffic from it (i.e. ping -I eth0:1 -c1 -w5 > > 4.2.2.2 > /dev/null 2>&1 in the postup init script. It really depends > > on
> > the router.
> > > > > I've tried specifying
> > > the IPs in the domU config various ways and that also didn't help. > > > > That's not going to make much of a difference. I often just specify
> > bridge, vifname and mac and handle the rest inside of the guest.
> > > > > This is on Fedora Core 6, using Xen 3.0.3. domU is also FC6 using the > > > same kernel. kernel is 2.6.19-1.2911.fc6xen. Below is a bunch more
> > > info, please tell me if I've forgotten to include anything.
> > > > Just flushing the router's arp hehehe :)
> > > > > > domU config file:
> > ,,, looked just fine to me.
> > > > > [ snip ]
> -------------------------------------------------------------------- --
tbrown@xxxxxxxxxxxxx   | Courage is doing what you're afraid to do.
http://BareMetal.com/ | There can be no courage unless you're scared.
|  - Eddie Rickenbacker


----------------------------------------------------------------------
tbrown@xxxxxxxxxxxxx   | Courage is doing what you're afraid to do.
http://BareMetal.com/  | There can be no courage unless you're scared.
                       | - Eddie Rickenbacker


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>