WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] [XCP] vlan from guests

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] [XCP] vlan from guests
From: Tundra Slosek <ivoryring@xxxxxxxxx>
Date: Fri, 17 Sep 2010 14:33:21 -0400
Delivery-date: Fri, 17 Sep 2010 11:34:29 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=cv1T3VYDLMt1+GjeDJvkceuKlM20rbXcgbP8UsWihms=; b=pMOUn0ycnJfpWZy42+oSXRAfW7c58mqdVeQQWrEuzqHqQEMKTtwXZP8A5PuKT6QZri OY/29A0ohiH1J9nwzSLw0OBCvFPt84aboYVgErz1eEa3Z4a3ivwLdafa7ml99B/C4FgE dZWiGCBJAtopa1YOmA42yY9MLLR6IkWEi9tds=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=sLu2vUqa2Cm91lM3+IemWQ7fDPV3Rt+qPTmnw62F0KK6HE/SAFtV/LRy2YUGCkL1oI qAwl0hF/SOrMGUGOuv/D2BM9C0CWxsvclbTGqv1a/EV5KND+er46osw4mgBWdhQdq1u7 KZ4jFvwm+01mQ0jHxpv3SpY+YcuN1kLKj61L4=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Setting up XCP 0.5, I've used OpenXenCenter to create our VLANs. The network switch has the admin VLAN set to untagged, all others set to tagged (for our Xen 3.1/3.2 Debian dom0 machines we set all VLANs tagged - but they use vconfig/brctl not openvswitch so my experience from them doesn't seem to be helpful).

I have (pfSense 1.2.3) guest (for the purpose of this test, IP 192.168.30.200) on two VLANs, however the traffic doesn't seem to be leaving the XCP host (management IP is 192.168.31.51) correctly.

From the XCP command prompt, if I use tcpdump, I see network traffic on the interface named xapi7. tcpdump on eth0 definitely shows something strange, as if I ask it to filter to just arp traffic, it doesn't show traffic from the guest, but if I ask it to show all traffic and grep the output for arp, it shows traffic from the guest. I am suspecting two things but not sure how to prove them: a.) tcpdump on XCP 0.5 doesn't understand VLAN tags. b.) I am not passing the VLAN tags up to the network switch correctly so the packets are just falling on the floor.

Unless I'm misunderstanding something, tcpdump against xapi7 should show all traffic that the network switch hands down to the NIC that is tagged for VLAN 7 - my tcpdump of xapi7 shows this is not working as I expect.

[root@nnexen1 log]# xe vm-vif-list vm=cmgate3left
uuid ( RO)                  : 6889e3dc-aeb4-eb2d-3664-0af2f2ebd3c1
         vm-name-label ( RO): cmgate3left
                device ( RO): 2
                   MAC ( RO): 4a:f2:73:9c:6b:7b
          network-uuid ( RO): 7dcd9c10-87fd-2b51-ca1b-ab7b16ee8f2b
    network-name-label ( RO): cminternet0


uuid ( RO)                  : 641782d8-c752-97ae-9fdf-c806d8b5e775
         vm-name-label ( RO): cmgate3left
                device ( RO): 1
                   MAC ( RO): 7e:de:c8:f0:71:8e
          network-uuid ( RO): 548ade1a-4f24-ab08-9dbd-3ce7bd90f347
    network-name-label ( RO): cmguest0


[root@nnexen1 log]# xe network-param-list uuid=548ade1a-4f24-ab08-9dbd-3ce7bd90f347
uuid ( RO)                : 548ade1a-4f24-ab08-9dbd-3ce7bd90f347
          name-label ( RW): cmguest0
    name-description ( RW):
           VIF-uuids (SRO): 641782d8-c752-97ae-9fdf-c806d8b5e775
           PIF-uuids (SRO): dd30f6d6-cf69-4132-95bb-d3ccf31c86d4
                 MTU ( RW): 1500
              bridge ( RO): xapi7
        other-config (MRW): automatic: false
               blobs ( RO):


[root@nnexen1 log]# xe pif-list uuid=dd30f6d6-cf69-4132-95bb-d3ccf31c86d4
uuid ( RO)                  : dd30f6d6-cf69-4132-95bb-d3ccf31c86d4
                device ( RO): eth0
    currently-attached ( RO): true
                  VLAN ( RO): 7
          network-uuid ( RO): 548ade1a-4f24-ab08-9dbd-3ce7bd90f347

[root@nnexen1 log]# tcpdump -n -c 3 -i xapi7
tcpdump: WARNING: xapi7: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on xapi7, link-type EN10MB (Ethernet), capture size 96 bytes
14:22:30.031651 arp who-has 192.168.30.237 tell 192.168.30.200
14:22:31.032574 arp who-has 192.168.30.237 tell 192.168.30.200
14:22:32.033560 arp who-has 192.168.30.237 tell 192.168.30.200
3 packets captured
3 packets received by filter
0 packets dropped by kernel

[root@nnexen1 log]# tcpdump -n -i eth0 port not 22 and port not https | grep arp
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
14:24:14.065131 arp who-has 192.168.31.38 tell 192.168.31.51
14:24:14.136640 arp who-has 192.168.30.237 tell 192.168.30.200
14:24:15.065282 arp who-has 192.168.31.38 tell 192.168.31.51
14:24:15.137645 arp who-has 192.168.30.237 tell 192.168.30.200

[root@nnexen1 log]# tcpdump -n -i eth0 arp
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
14:24:26.095128 arp who-has 192.168.31.38 tell 192.168.31.51
14:24:27.095189 arp who-has 192.168.31.38 tell 192.168.31.51

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>