WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Re: number of ips

To: Anand Gupta <xen.mails@xxxxxxxxx>
Subject: Re: [Xen-users] Re: number of ips
From: David <admin@xxxxxxxxxxx>
Date: Wed, 15 Apr 2009 22:16:22 +0100
Cc: Nick Anderson <nick@xxxxxxxxxxxx>, Peter Booth <peter_booth@xxxxxxx>, Xen Users <Xen-users@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 15 Apr 2009 14:17:20 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <acb757c00904151223x4cd60372i1b360850e2c6f245@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <acb757c00904090609y3975792dgd89d28e843ee9ee@xxxxxxxxxxxxxx> <20090410201941.GA1068@cmdln-laptop> <acb757c00904101428w5920e53bh110611916ffe9566@xxxxxxxxxxxxxx> <3F8AB7EB-0E31-44DE-9589-2AC428A9A734@xxxxxxx> <acb757c00904101602o732d1353ob96d1c501fdb5ec1@xxxxxxxxxxxxxx> <6894a6470904101606k1885b53dl18e651e5f69c5e86@xxxxxxxxxxxxxx> <acb757c00904151057n65079b8p713f82508f46d868@xxxxxxxxxxxxxx> <acb757c00904151157h5d3bcbbdjfdc67a118be92164@xxxxxxxxxxxxxx> <6894a6470904151203g50950552ib9f9da3301e52b76@xxxxxxxxxxxxxx> <acb757c00904151223x4cd60372i1b360850e2c6f245@xxxxxxxxxxxxxx>
Reply-to: admin@xxxxxxxxxxx
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx

[root@monaghan ~]# ebtables -N new
The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.
[root@monaghan ~]# dmesg | tail
kernel msg: ebtables bug: please report to author: entries_size too small


these are the symtoms i have on 5.2



On Wed, Apr 15, 2009 at 8:23 PM, Anand Gupta <xen.mails@xxxxxxxxx> wrote:
Hi David,

Thanks for the quick reply.

I took the rpm from Would you recommend to compile it ?

Here is the dmesg output when i try to start a domU.

device vif1.0 entered promiscuous mode
ADDRCONF(NETDEV_UP): vif1.0: link is not ready
Ebtables v2.0 registered
xenbr1: port 3(vif1.0) entering disabled state
device vif1.0 left promiscuous mode
xenbr1: port 3(vif1.0) entering disabled state

Does this make any sense ?

Thanks for the help.


On Thu, Apr 16, 2009 at 12:33 AM, David <admin@xxxxxxxxxxx> wrote:
i think ebtables on centos is broken(5.2 anyway), look out for  messages in  dmesg


On Wed, Apr 15, 2009 at 7:57 PM, Anand Gupta <xen.mails@xxxxxxxxx> wrote:
Made the changes by hand on vif-bridge, changed xend-config to use the new vif-bridge-custom script, and bang :( The domU won't start now.

Error: Device 0 (vif) could not be connected. /etc/xen/scripts/vif-bridge-custom failed; error detected.

Here is the diff

diff -u vif-bridge vif-bridge-custom 
--- vif-bridge 2009-04-14 23:35:08.000000000 -0400
+++ vif-bridge-custom 2009-04-15 00:01:08.000000000 -0400
@@ -57,15 +57,37 @@
     online)
  setup_bridge_port "$vif"
  add_to_bridge "$bridge" "$vif"
+ ebtables -N $vif
+ ebtables -P $vif DROP
+ ebtables -A INPUT -i $vif -j $vif
+ ebtables -A FORWARD -i $vif -j $vif
+ ebtables -A $vif -p ARP –arp-opcode 1 -j ACCEPT
+
+ if [ ! -z "$ip" ]
+ then
+ for oneip in $ip
+ do
+ ebtables -A $vif -p IPv4 –ip-src $oneip -j ACCEPT
+ ebtables -A $vif -p IPv4 –ip-dst $oneip -j ACCEPT
+ ebtables -A $vif -p ARP –arp-opcode 2 –arp-ip-src $oneip -j ACCEPT
+ done
+
+ ebtables -A $vif --log-prefix="arp-drop" --log-arp -j DROP
+
+ fi
         ;;
 
     offline)
         do_without_error brctl delif "$bridge" "$vif"
         do_without_error ifconfig "$vif" down
+ do_without_error ebtables -D INPUT -i $vif -j $vif
+ do_without_error ebtables -D FORWARD -i $vif -j $vif
+ do_without_error ebtables -F $vif
+ do_without_error ebtables -X $vif
         ;;
 esac
 
-handle_iptable
+#handle_iptable
 
 log debug "Successful vif-bridge $command for $vif, bridge $bridge."
 if [ "$command" == "online" ]

Will appreciate any help on this.
 

On Wed, Apr 15, 2009 at 11:27 PM, Anand Gupta <xen.mails@xxxxxxxxx> wrote:
Tried to apply this patch. Fresh install centos5.3, xen 3.0.3-80

I get this error.

missing header for unified diff at line 3 of patch
patching file vif-bridge
patch: **** malformed patch at line 4: online)

Any ideas on how to fix this ?



--
regards,

Anand Gupta




--
regards,

Anand Gupta

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users