WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] DomU network configuration problem

To: shubham <shubham.sharma@xxxxxx>
Subject: Re: [Xen-users] DomU network configuration problem
From: Tej <bewith.tej@xxxxxxxxx>
Date: Fri, 8 Aug 2008 13:11:00 +0530
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 08 Aug 2008 00:41:40 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=LLyHyHWgXG1FjPkP4SFgcVQcQq392UWOgQ+E6/LdJvo=; b=Y0P/GddlZj3aas0C1RHrKPrraM1dvM2Tbj8Cn2rV4DkxhmTTT5NmZayFo99OHXxF/v vVtv7d459ZMippu4/9G236LntDd/waXUtzlJbmnEagR2Qj1SMTNpjhICv6RS4sv4TM2y 3OryokfXx1thwvaQQV8SRBii9ECD6dm25o5dY=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=D+4YEmb5mDPXxTYolOzEcHXW7PKUVKFfIbK/hWQx++2QLDcc+wy1isZYgFyO9Ii9vh ZVSYEPX4DqbfKkj1uxE1N6N7YChlKley5ZRoaTvePF6xFrhdhsRDscwwDZufU1NsAE0G 0nPsLikydN2aHkjarBFDCnN4XHC035YTvGB4o=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <loom.20080807T132236-152@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <loom.20080807T132236-152@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
On 8/7/08, shubham <shubham.sharma@xxxxxx> wrote:
> hi all,
>
> I've got a SLES10 machine running Xen 3.0 with DomUs also running SLES10
>
>                  ---------------------------------
>                 |                 ____________    |
>    Gateway      | Dom0       _   | DomU-1     |   |
>    10.33.0.1    | 10.33.0.3 | |--|192.168.0.1 |   |
>         |       |           | |  |vifx.0      |   |
>       __^_      |     vif0.0| |   ------------    |
>      |    |     |           | |                   |
>      |    |     |           | |-- ... 192.168.0.x |
>      |____|     |-----      | |-- ...             |
>        |      |-|eth0 |      -                    |
>        |      |  ---------------------------------
>     ---------------------------
>     |        1G Ethernet      |
>     ---------------------------
>           _|__    |       |
>          |    |   ...     10.33.0.x
>          |____|
>        10.33.0.2
>
>
> All my boxes are running perfectly fine.
>
> I wanted to set up a private routed network within my virtual domains such
> that my DomUs can be pinged through the physical machines
>
> i have set the corresponding features in the xend-config.sxp file
>
> ----------------8<--------------
> (network-script network-route)
> (vif-script vif-route)
> ----------------8<--------------
>
> the vif attributes in my domU config file is
>
> ----------------8<-------------
> address 192.168.0.1
> gateway 192.168.0.12 ***
> netmask 255.255.255.0
> ----------------8<-------------
>
> ***i am not sure here that the gateway provided by me is correct or not.
>
> then i did the following steps to nat the domU's IP to the dom0 on mu dom0
>
> ----------------8<-------------
> echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp
> iptables -t nat -A POSTROUTING -s 10.0.0.0 -j MASQUERADE
> ----------------8<-------------

You can do following steps:

1. Assign any private IP to your DomU
2. Assign the subnet gateway to the domU, above vuf configuration is
fine i guess.

3. Now as dom0 is on different subnet, create the eth0 (i assume here
that eth0 domU and eth0 of dom0 is connected to xenbr0 ) alias as a
gateway for domU.
    In dom0:
    ifconfig eth0 add domU-gateway netmask.
4. Now that gateway should be pingable
5. Now add the forwarding rules
    echo 1 >/procsys/net/ipv4/ip_forward
   Now you should be able to ping the eth0 on dom0.
6. Add the masq rule as above.
   iptables -t nat -A POSTROUTING -j MASQUERADE (use the eth0 address)
7. Now you should be able to ping google.com

HTH

-tej

>
> but with these settings i am not able to ping to the domU from dom0.
>
> when i used a bridged type network,while pinging to the domU the packets
> reach the vif but are not forwarded to the domU
>
> tcpdump shows that the packets are being transferred from the dom0 to
> the xen bridge but they are not forwarded to the domU.
>
> are the steps which i followed correct or any changes/further steps are
> required to be followed?
>
> I searched the Xen wiki tutorials but couldn't get through my
> problem.
>
> Also is there a method so that i can now where exactly are the
> packets being dropped.
>
> please tell me in case further information is required.
> Any suggestions will be greatly appreciated.
>
> thanks
> shubham
>
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
>

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users