Re: [Xen-users] NAT networking in Xen

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] NAT networking in Xen
From: John Backes <john.backes@xxxxxxxxxxxxxxxxx>
Date: Tue, 05 Jul 2011 15:07:04 -0500
I've resolved the issue myself.

I am using a Fedora 14 dom0 and the network manager was enabled.
Whenever xen would create a virtual interface the network manager would
attempt to run dhcp on this interface and erase its ip information.  The
solution was to disable the network manager.

- John

On 07/05/2011 02:22 PM, John Backes wrote:
> Hello,
> 
> I'm trying to set up the NAT network configuration for xen but I'm
> having some issues.  I have the correct lines commented and
> uncommented in my xend-config.xsd file:
> 
> #(network-script network-bridge)
> #(vif-script vif-bridge)
> #(network-script network-route)
> #(vif-script     vif-route)
> (network-script network-nat)
> (vif-script     vif-nat)
> 
> My domain config file for my paravirtualized Fedora 14 domain contains
> the following text:
> 
> name="default"
> description="None"
> memory=512
> maxmem=512
> vcpus=1
> on_poweroff="destroy"
> on_reboot="restart"
> on_crash="destroy"
> localtime=0
> keymap="en-us"
> builder="linux"
> bootloader="/usr/bin/pygrub"
> bootargs=""
> extra=" "
> disk=[ 'file:/var/lib/xen/images/default.img,xvda,w', ]
> vif=[ 'ip=10.0.0.2', ]
> NETMASK = "255.0.0.0"
> GATEWAY = "10.0.0.1"
> vfb=['type=vnc,vncunused=1']
> 
> extra = "console=hvc0"
> 
> When I start the domain my iptables has the following entries:
> 
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
> ACCEPT     icmp --  anywhere             anywhere
> ACCEPT     all  --  anywhere             anywhere
> ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
> ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ipp
> ACCEPT     udp  --  anywhere             224.0.0.251         state NEW udp dpt:mdns
> ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ipp
> ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ipp
> ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:snmp
> REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
> 
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere            PHYSDEV match --physdev-out vif1.0 --physdev-is-bridged
> ACCEPT     udp  --  anywhere             anywhere            PHYSDEV match --physdev-in vif1.0 --physdev-is-bridged udp spt:bootpc dpt:bootps
> ACCEPT     all  --  anywhere             anywhere            PHYSDEV match --physdev-out vif1.0 --physdev-is-bridged
> ACCEPT     all  --  10.0.0.2             anywhere            PHYSDEV match --physdev-in vif1.0 --physdev-is-bridged
> REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
> 
> and my ifconfig looks like:
> 
> eth0      Link encap:Ethernet  HWaddr 00:0E:0C:6C:48:F5
>           inet addr:192.168.222.77  Bcast:192.168.222.255  Mask:255.255.255.0
>           inet6 addr: fe80::20e:cff:fe6c:48f5/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:6572 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:4115 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:6549366 (6.2 MiB)  TX bytes:438666 (428.3 KiB)
> 
> eth1      Link encap:Ethernet  HWaddr 00:1C:C0:CB:B6:59
>           UP BROADCAST MULTICAST  MTU:1500  Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
>           Memory:e0400000-e0420000
> 
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:208 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:208 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:15880 (15.5 KiB)  TX bytes:15880 (15.5 KiB)
> 
> vif1.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
>           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:9 errors:0 dropped:22 overruns:0 carrier:0
>           collisions:0 txqueuelen:32
>           RX bytes:0 (0.0 b)  TX bytes:1542 (1.5 KiB)
> 
> I have configured the network settings in the domU to be the same as
> specified in the domain config file.  When I try to ping the default
> gateway from the domU I can see packets on the vif1.0 interface saying:
> 
> 7     25.900903       Xensourc_34:7d:9b       Broadcast       ARP     Who has 10.0.0.1?  Tell 10.0.0.2
> 
> Based on the iptables output, it seems like xen is still trying to use
> a bridged network type configuration.  I should note that I have
> restarted the xen daemon after making the changes to the xend-config.xsd
> config file.  Are there some other settings I have to change in order to
> use a NAT type configuration?  Thanks in advance.
> 
> - John

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
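
An added example, not part of the original message: a small Python check for the symptom described in the reply (a Xen vif that is up but has lost its IPv4 address), run over net-tools `ifconfig` output in the format quoted above. The sample text is constructed, and the `vif2.0` entry and its address are assumptions for illustration.

```python
import re

# Constructed sample in the net-tools ifconfig format shown in the post.
# vif1.0 mirrors the post (up, no "inet addr"); vif2.0 is a hypothetical
# healthy interface with a made-up address, for contrast.
SAMPLE = """\
eth0      Link encap:Ethernet  HWaddr 00:0E:0C:6C:48:F5
          inet addr:192.168.222.77  Bcast:192.168.222.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

vif1.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

vif2.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet addr:10.0.0.129  Bcast:0.0.0.0  Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
"""

def parse_ifconfig(text):
    """Return {name: {"ipv4": str or None, "up": bool}} per interface stanza."""
    interfaces, current = {}, None
    for line in text.splitlines():
        if not line.strip():          # blank line ends the current stanza
            current = None
            continue
        if not line[0].isspace():     # unindented line starts a new stanza
            current = interfaces.setdefault(line.split()[0],
                                            {"ipv4": None, "up": False})
        if current is None:
            continue
        # "inet addr:" is IPv4 only; IPv6 lines read "inet6 addr:".
        match = re.search(r"inet addr:(\d+\.\d+\.\d+\.\d+)", line)
        if match:
            current["ipv4"] = match.group(1)
        if re.match(r"\s+UP\b", line):  # flags line begins with UP
            current["up"] = True
    return interfaces

def vifs_missing_ipv4(text):
    """Names of Xen backend vifs (vifN.M) that are up with no IPv4 address."""
    return sorted(name for name, info in parse_ifconfig(text).items()
                  if re.fullmatch(r"vif\d+\.\d+", name)
                  and info["up"] and info["ipv4"] is None)

if __name__ == "__main__":
    print(vifs_missing_ipv4(SAMPLE))
```
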