WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] 3.2 changes network layout?

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] 3.2 changes network layout?
From: jim burns <jim_burn@xxxxxxxxxxxxx>
Date: Fri, 6 Jun 2008 18:43:41 -0400
Delivery-date: Fri, 06 Jun 2008 15:44:21 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <200806060846.36630.fjwcash@xxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <48481E38.8000807@xxxxxxxx> <200806051922.46409.jim_burn@xxxxxxxxxxxxx> <200806060846.36630.fjwcash@xxxxxxxxx> (sfid-20080606_121643_812848_7CF6BDA4)
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: KMail/1.9.9
On Friday June 06 2008 11:46:36 am Freddie Cash wrote:
> With Xen 3.0.x, this was simple, and easy to do.  Just write a wrapper for
> network-bridge,  and in there set vifnum=X netdev=ethX and bridge=xenbrX
> (where X is 1 and above), then in the VM config file, set bridge=xenbrX
> to assign each VM to the specified bridge.
>
> With Xen 3.1.x and 3.2.x, this is no longer possible (at least I could
> never get it to work).  The default network-bridge checks for an active
> interface with an IP and uses that as the default bridge.  Well, on our
> servers, eth0 is a 10/100 NIC, eth1 through eth6 are 10/100/1000 NICs.  
> We don't want to use eth0 for anything but management traffic.
>
> network-bridge doesn't use netdev=, bridge=, or vifnum= in any way, shape,
> or form.  You can't write a wrapper for it like you could with Xen 3.0.x.  
> And trying to do it manually doesn't work either as the way the bridge is
> setup in the dom0 is hokey to say the least and doesn't work for
> interfaces without IPs.

I've read this complaint before about xen 3.2 removing those parms, and agree 
that they are convenient. I'm a little confused, tho' since Fedora 8/xen 
3.1.2 still uses the bridge and netdev vars. I thought all the major changes 
had been introduced in 3.1.2 as a pre-release to 3.2. Apparently there are 
more surprises to come! I probably won't know the joy of configuring a dom0 
under Fedora/xen 3.2 for awhile, since F9 doesn't support dom0 yet :-(

> The only way I could get things to even slightly work in Xen 3.2 was to
> for udev to rename my NICs to number them in reverse, making the 10/100
> port eth6.  But, even then, I couldn't get more than a single bridge to
> come up in the dom0, and only if I assigned a ficticious IP to that
> interface first.

I was about to suggest that. Oh well. You probably need to setup your own 
bridge in /etc/sysconfig/networking-scripts/ifcfg-*.

> Don't know how non-standard it is to want a management NIC with an IP, and
> a bridge without an IP that the domUs will use.  Seems perfectly
> reasonable to me, especially since it worked so nicely in Xen 3.0.x (and
> is very simple to do with KVM).

Seems reasonable to me also.

> What would be ideal (and is also something that never worked in Xen) would
> be to have eth0 be the management NIC, and then bond together eth3
> through eth6 as bond0 and then us that as the bridge in the dom0 that all
> the domUs would use.  But, I gave up on that after a few days as I could
> either have traffic to the dom0 or to the domUs, but not both.

Yeah, I've read many complaints about bond devices in xen.

I would be very surprised if 3.2 doesn't even use the 'netdev' var. In that 
case, your wrapper script could be:

/etc/xen/scripts/network-bridge netdev=eth0
/etc/xen/scripts/network-nat netdev=eth1

which would give your domus access to the internet, but private addresses.

Also, I wonder if virsh still sets up virbr0 on 3.2, which provides private 
networking with no access to the internet. (The bridge still has an ip, but 
it's private.)

Oh well, hopefully someone more versed in 3.2 will chime in here. Good luck.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users