xen-users

Re: [Xen-users] Help me to set up network (routes)

Fajar A. Nugraha wrote:
> You can. Easily.
> RHEL5 by default has libvirt, which would create a bridge called
> virbr0. Just assign your domUs to that bridge and they will be
> automagically NAT-ed without having to set up any iptables rules
> manually.

I'm on Gentoo and libvirt is *masked* for installation there, so I can't use it ;-(

But you gave me a good idea: to port my thoughts from my Qemu network to Xen.

Today I rewrote the vif-nat script and made my own. And it works! This is NOT a great script, 'cause only one Xen machine can grab the network (really, I didn't test it on 2 or more VMs, so I think it cannot work). But I love my hardware and never, never run more than one VM. My script is, of course, for me only.

But I decided to post it here, on the mailing list, 'cause maybe someone will find it later via Google ;-)

=============================
%# cat > /etc/xen/scripts/vif-tap << "EOF"
#!/bin/bash

# written by AlannY (m@xxxxxxxxx) from vif-nat.
# 8 May 2009
# public domain

dir=$(dirname "$0")
. "$dir/vif-common.sh"

if [ "$ip" = "" ]; then
  fatal 'IP not found in config'
fi

dom0_ip=$(echo "$ip" | awk -F. '{print $1"."$2"."$3".1"}')
dom0_broadcast=$(echo "$ip" | awk -F. '{print $1"."$2"."$3".255"}')

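# strip an optional /prefix so the checks below compare bare addresses
domU_ip=$(echo "$ip" | awk -F/ '{print $1}')

# string comparison: -eq only accepts integers and errors out on addresses
if [ "$domU_ip" = "$dom0_ip" ]; then
  fatal 'DomU IP cannot be Dom0 IP'
fi

if [ "$domU_ip" = "$dom0_broadcast" ]; then
  fatal 'DomU IP cannot be Dom0 broadcast'
fi

# it's a HACK
tap=$(echo "$vif" | sed 's/vif/tap/')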

case "$command" in
    online)
        if ip route | grep -q "dev $tap"
        then
          log debug "$tap already up"
          exit 0
        fi

        do_or_die ifconfig "$tap" up "$dom0_ip" netmask "255.255.255.0" broadcast "$dom0_broadcast"

        # masquerade traffic coming from the domU
        do_or_die iptables -t nat -A POSTROUTING -s "$domU_ip" -j MASQUERADE
        # no -j target: this rule matches and counts packets but takes no action
        do_or_die iptables -t nat -A POSTROUTING -d "$domU_ip" -o "$tap"
        ;;
    offline)
        do_without_error ifconfig "$vif" down

        do_without_error iptables -t nat -D POSTROUTING -s "$domU_ip" -j MASQUERADE
        do_without_error iptables -t nat -D POSTROUTING -d "$domU_ip" -o "$tap"
        ;;
esac

log debug "Successful vif-tap $command for $tap."

if [ "$command" = "online" ]; then
  success
fi
EOF
%# chmod 0755 /etc/xen/scripts/vif-tap

Also, edit /etc/xen/xend-config.sxp and replace:

(network-script /bin/true)
(vif-script     vif-tap)

In every virtual machine configuration file use:

vif = [ 'ip=xx.xx.xx.xx' ]

for example:

vif = [ 'ip=10.0.2.2' ]

In the virtual OS use the following settings:

ip=vif_ip # (see above), for example 10.0.2.2
netmask=255.255.255.0
gateway=xx.xx.xx.1 # based on vif_ip with 1 at the end, for example 10.0.2.1
========================================

I've been using Xen for only the 3rd (or 2nd) day, and don't understand how Xen works with TUN/TAP and why vifs are so important. So I decided to turn off those vifs and leave only the virtual TUN/TAP driver, which, of course, does the main job. Maybe it's a core mistake and it can't be applied to Xen, but this script works ;-) And this is all I need ;-) As I said before, this script is only for my purposes.

The problem is solved. Thanks for your patience ;-)

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
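
The address checks that the posted script makes before it calls ifconfig and iptables, written out as an added example that is not part of the original post. The function names `valid_ipv4` and `derive_nat_params` are hypothetical, the sample addresses are constructed, and the /24 layout (dom0 on .1, broadcast on .255) is taken from the script above.

```shell
#!/bin/sh
# Added example, not part of the posted vif-tap script; function names are
# hypothetical. Validates the domU address from "vif = [ 'ip=...' ]" before it
# reaches ifconfig/iptables, then derives the dom0 side of the /24.

# valid_ipv4 ADDR: succeeds only for a dotted quad with each octet in 0..255.
# The body is a subshell so the IFS change cannot leak into the caller.
valid_ipv4() (
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;   # only digits and single inner dots
    esac
    IFS=.
    set -- $1                                # split into octets
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        case $octet in ????*) exit 1 ;; esac # more than 3 digits
        [ "$octet" -le 255 ] || exit 1       # test(1) compares in decimal
    done
)

# derive_nat_params IP[/PREFIX]: prints "domU_ip dom0_ip dom0_broadcast".
# Returns 1 for malformed input and 2 for a reserved last octet. The posted
# script rejects .1 (dom0) and .255 (broadcast); .0 is refused here as well.
derive_nat_params() (
    domU_ip=${1%%/*}
    valid_ipv4 "$domU_ip" || exit 1
    net=${domU_ip%.*}
    last=${domU_ip##*.}
    if [ "$last" -eq 0 ] || [ "$last" -eq 1 ] || [ "$last" -eq 255 ]; then
        exit 2
    fi
    echo "$domU_ip $net.1 $net.255"
)

# Constructed sample inputs: one usable address and three that must be refused.
for sample in 10.0.2.2/24 10.0.2.1 10.0.2.999 '10.0.2.2 extra'; do
    if params=$(derive_nat_params "$sample"); then
        echo "ok      $sample -> $params"
    else
        echo "refused $sample (rc=$?)"
    fi
done
```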