This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] howto re-create XEN network bridge?

To: "Fajar A. Nugraha" <fajar@xxxxxxxxx>
Subject: Re: [Xen-users] howto re-create XEN network bridge?
From: Rudi Ahlers <Rudi@xxxxxxxxxxx>
Date: Fri, 6 Nov 2009 12:25:23 +0200
Cc: xen-users <xen-users@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Fri, 06 Nov 2009 02:26:27 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:from:date:x-google-sender-auth:message-id:subject:to:cc :content-type; bh=mlBs5R2sSUKtfAZOMB4CsiP+ygTTWDC7AA47ARi4D4I=; b=weXwzyvX96uYPbReeZJ5ZfSV1lXOLZrMV0C/3OR8xbOyBU5IfiZ3J1xn06yzcsxnVy NOXaZuwlL1l7sy/I0LX7y5izGv5WT/oAEkb5Go8k84smXguy5OowPRcJViT0Whi72stJ yw0+bj90yTUyI+JrT6LZ7Bn3//RtKpKrnxOtk=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; b=FY8QBltuvGbyxWlC5WKbL7JWhDDUYorZmkoPlk7SQrgrNtonggxK0TL7y1agTvv5Rv jwg3ee0L9Mj9w+6Zz7utB9ROqPDotBS20fTlwmhiemNKj44vOVNzmVoDRZA3ZMQO8+rI djJ6/VM/QyImnPFjWlmNpflYFxGejR7ZLgP3U=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <7207d96f0911060148t170a2879r5ffe1f7bc4bc7d46@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <695200da0911051558k550f57f4p9d45c718031c925e@xxxxxxxxxxxxxx> <7207d96f0911060148t170a2879r5ffe1f7bc4bc7d46@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
On Fri, Nov 6, 2009 at 11:48 AM, Fajar A. Nugraha <fajar@xxxxxxxxx> wrote:
> On Fri, Nov 6, 2009 at 6:58 AM, Rudi Ahlers <Rudi@xxxxxxxxxxx> wrote:
>> Hi all,
>> Is it possible to re-create the XEN network bridge? On one of my XEN
>> servers, somce domU's can't connect to the outside world, yet I can
>> connect to the VPS' from the internet on SSH. It seems that outgoing
>> traffic is not working as it should, but incoming is, and I think it
>> might have todo with the bridge. How would I re-create the bridge to
>> see if it sovles the problem?
> Take a look at the output of "brctl show", and also see the contents
> of "/etc/xen/scripts/network-bridge".
> IMHO you should first make sure that it's not iptables problem. See
> the content of
> /proc/sys/net/ipv4/netfilter/ip_conntrack_count
> /proc/sys/net/ipv4/netfilter/ip_conntrack_max
> if count is close to max, you could either:
> - increase ip_conntrack_max, or
> - disable iptables for bridged traffic (echo 0 >
> /proc/sys/net/bridge/bridge-nf-call-iptables)
> --
> Fajar
> _______________________________________________

Thank you Fajar,

I tried to look at the ip_contrack files that you suggested, but there
are no such files on the server:

root@zaxen01:[~]$ locate ip_conntrack_count
root@zaxen01:[~]$ locate ip_conntrack_max

root@zaxen01:[~]$ uname -a
Linux zaxen01.softdux.com 2.6.18-128.1.16.el5xen #1 SMP Tue Jun 30
06:39:23 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
root@zaxen01:[~]$ cat /etc/redhat-release
CentOS release 5.3 (Final)

Also, there's no firewall running ont he dom0 that blocks anything for
the domU's - I don't quite know how todo this even.

Any other suggestions?

Kind Regards
Rudi Ahlers
CEO, SoftDux Hosting
Web: http://www.SoftDux.com
Office: 087 805 9573
Cell: 082 554 7532

Xen-users mailing list