WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] howto re-create XEN network bridge?

To: "Fajar A. Nugraha" <fajar@xxxxxxxxx>
Subject: Re: [Xen-users] howto re-create XEN network bridge?
From: Rudi Ahlers <Rudi@xxxxxxxxxxx>
Date: Fri, 6 Nov 2009 18:19:22 +0200
Cc: xen-users <xen-users@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Fri, 06 Nov 2009 08:20:23 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:from:date:x-google-sender-auth:message-id:subject:to:cc :content-type:content-transfer-encoding; bh=xMNNmw104bB9+XAl/ok7NMmvK3TGu2GlWNw0ICK10U4=; b=g0fNP7nFWveJJKJyFs7eKF9bfppST+BLyrkYb/R0XTvdp1/3fbhaqv26bT0uZYLjCM kcw88zuJJrRdRiFM2GCuJdOekkWPa/QXcecuF4aYIQR+NUoIYYpYBB2j44ef5zdID0Pt nxTbiLS5DNBX9pjyx/Vpo+yJZJrbU0BKTBCGk=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type :content-transfer-encoding; b=NenXzKhi4uST8HgyprusqgCFyez6KLNNv8eSaAzYRhJOa+xzdIB7ET2vseGMg8L7UE FKlA8K2/Znf2OOEsWXxf3cG89ad6e1VhPU49bliYWoi43a1IaL3eMT24xhlWz6sFA2Gl 2DQhtbV9x2UNInylWoHXu791sfE6ghinuMw7U=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <7207d96f0911060259u276087e7n23abd38b0fb5c177@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <695200da0911051558k550f57f4p9d45c718031c925e@xxxxxxxxxxxxxx> <7207d96f0911060148t170a2879r5ffe1f7bc4bc7d46@xxxxxxxxxxxxxx> <695200da0911060225g3c5eebep7f4bba0c336e6bae@xxxxxxxxxxxxxx> <7207d96f0911060238t4e37a845ybd72133e54e88967@xxxxxxxxxxxxxx> <695200da0911060250t5db5f7bcu272063af65c3e03f@xxxxxxxxxxxxxx> <7207d96f0911060259u276087e7n23abd38b0fb5c177@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
On Fri, Nov 6, 2009 at 12:59 PM, Fajar A. Nugraha <fajar@xxxxxxxxx> wrote:
> On Fri, Nov 6, 2009 at 5:50 PM, Rudi Ahlers <Rudi@xxxxxxxxxxx> wrote:
>
>> Here's the output of brctl show:
>>
>>
>> root@zaxen01:[~]$ brctl show
>> bridge name     bridge id               STP enabled     interfaces
>> xenbr0          8000.feffffffffff       no              vifpict0
>>                                                        vifandr0
>>                                                        vifzafe0
>>                                                        vifserv0
>>                                                        vifraft0
>>                                                        vifplut0
>>                                                        viferis0
>>                                                        vifbyra0
>>                                                        vifanim0
>>                                                        vifacti0
>>                                                        peth0
>>                                                        vif0.0
>>
>
> You can try by sniffing packets on uplink physical interface (should
> be peth0 in your case). Test with simple packets (like ping) and snoop
> it with tcpdump (something like "tcpdump -n -i peth0 icmp"). That
> would at least tell you whether packets can get to physical interface
> or not.
>
> If the traffic is there but somehow you still have problems, the
> source of problem might be elsewhere and not in your bridge setup.
> Might be switch blocking ports with many MACs, or router caching old
> MAC addresses.
>
> --
> Fajar
>
> _______________________________________________

Hi Fajar,

The packets does indeed get to the physical interface, but I get no
return ICMP packets, but it's almost asif that originating packets are
incomplete:

I got this from "tcpdump -n -i peth0 icmp" on the dom0 hostnode:

18:06:56.043744 IP 196.34.136.58 > 66.197.167.226: ICMP echo request,
id 34310, seq 1, length 64
18:06:57.053851 IP 196.34.136.58 > 66.197.167.226: ICMP echo request,
id 34310, seq 2, length 64


Yet, when I ping another VPS on the same dom0, I see an icmp reply:

[root@vps ~]# ping -c2 196.34.136.51
PING 196.34.136.51 (196.34.136.51) 56(84) bytes of data.
64 bytes from 196.34.136.51: icmp_seq=1 ttl=64 time=0.903 ms
64 bytes from 196.34.136.51: icmp_seq=2 ttl=64 time=0.115 ms




These IP's is completely open on the network firewall as well.



-- 
Kind Regards
Rudi Ahlers
CEO, SoftDux Hosting
Web: http://www.SoftDux.com
Office: 087 805 9573
Cell: 082 554 7532

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users