WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Missing packets on Dom0 when sniffing bridge with wiresh

To: "Paul Nader" <paul.nader@xxxxxxxxx>
Subject: Re: [Xen-users] Missing packets on Dom0 when sniffing bridge with wireshark/tethreal
From: "Todd Deshane" <deshantm@xxxxxxxxx>
Date: Fri, 1 Feb 2008 21:03:42 -0500
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 01 Feb 2008 18:04:15 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:references; bh=ZVcR8vVk/yviiOQpOJFjnU45JR/vq2mEYgAYNH4+so4=; b=hP/UX/6oJYola4y/emVl18TLx2eSjlxCGiAEfnp99mvWvOVIgbs942rTHWrjHtTnn+PKeOf+XDr+sr7cPuvvwUyPZ3VvZPZuFPgBKOR/mTER9tzsehk10wWTyuZs6+iKuIngiw0tq7erYHiFHDDSufYhQvtBCpLMb/s6gEp8J9I=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:references; b=W2PCdbOQOY43v0x304avK5paCZCQ1he8y2H7ud6Go7/xDaXuGw85lOgspHuUiypWrWp1N+eDTiJDJAYcKn2PTDTAnFNdHOv5HnNk222VU4WuwvPCsu9c1tnmKAvoCO8PFCgTH9ZWmxvNwXATWiiaJCn3AdlIUuZB8szfVGmAHvs=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <003a01c86458$08de5fb0$2201a8c0@fuertes>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <003a01c86458$08de5fb0$2201a8c0@fuertes>
Reply-to: deshantm@xxxxxxxxx
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx


On Jan 31, 2008 5:24 PM, Paul Nader <paul.nader@xxxxxxxxx> wrote:

Hi,

 

I have a Centos5 machine running xen 3.0.3-41 with two NICs each on its own subnet: 192.168.1.x and 192.168.0.x. All DomUs can talk to each other OK through two xen bridges. There are 3 DomUs: Dom0, Dom1 and Dom2

 

The scenario:

 

I'm trying to capture packets on Dom2 on 192.168.0.x from external devices that are sending SIP stuff to Dom1, but fail to capture any packets. I can only capture them if I run tethereal on Dom1. I'm setting the interface to collect in promiscuous mode, enabled all protocols, etc.

 

I can however capture ICMP and ARP packets on Dom2 on 192.168.0.x when I ping Dom1.

 

Is there anything I need to do to make the bridge assigned to 192.168.0.x relay _all_ packets to _all_ DomUs?

 

I'm not sure if there is a direct way to do this. If I was you I would looking into brctl and also find out if the bridge can be made to act like a hub.

I wonder if ARP spoofing [1] (i.e. an arp bomb) as suggested in [2] could work?


[1] http://en.wikipedia.org/wiki/ARP_spoofing
[2] http://lists.xensource.com/archives/html/xen-users/2005-04/msg00284.html



 

Thanks for any help,

 

Paul.

 


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>