[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] can't add vlans successfully

  • To: "Fajar A. Nugraha" <fajar@xxxxxxxxx>
  • From: Zhang Li <cindy.zhangli@xxxxxxxxx>
  • Date: Tue, 11 Aug 2009 18:39:59 +0800
  • Cc: xen-users@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Tue, 11 Aug 2009 03:40:40 -0700
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=eh3B/Hjm1YTSPY3bKj9ycrygeJlyrUatDLmoQ+y2zaVztOTWnyK3CVR2q9YbMe8PcX Oll7Bgh89ih+z4OwCpN6f5v0mQt0Q778lIwYjpkDH8UqtVJh7hZxcdoXWbjSl1n0LBkN BRiQYcCycyJMhOPhdxx3W3nIrFBcBcZivazsw=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

On Tue, Aug 11, 2009 at 5:46 PM, Fajar A. Nugraha<fajar@xxxxxxxxx> wrote:
> On Tue, Aug 11, 2009 at 4:31 PM, Zhang Li<cindy.zhangli@xxxxxxxxx> wrote:
>> Hi, Fajar
>>> After that, I'd test whether vlan works before throwing in bridge and
>>> Xen to mix. For example, I'd create eth0.100 on top of eth0, and test
>>> it. If it works, I create br100 on top of eth0.100 and move the IP
>>> address to br100. After it works, I tell domU to use br100 as bridge.
>> I tried the way you told me, every thing is OK. eth0.100 works, br100
>> works and I tell domU to use br100.
>> And then assign one IP ADDRESS to it. it can't ping the address of
>> outside internet.
> OK one at a time :D
> By "br100 works", does that mean if you put IP address on that
> interface, you can access outside world (or at least other hosts also
> located on vlan100)?

yes. br100 can access outside world. Does it means vlan is ok? And the
domainUs in the same vlan can communicate.

> By "And then assign one IP ADDRESS to it. it can't ping the address of
> outside internet.", does that mean you put IP address on domU but it
> can't access anywhere? If yes, do a ping from domU and a tcpdump on
> br100 and eth0.100, see which packets are missing (does arp receives
> no reply? or is it only the icmp echo/reply gone missing)

yes. arp receives no reply. And ICMP echo/reply gone missing.
I think they can connect each other in the same vlan within the same
IP subnet .
if it connect to outside, it should need router. I don't know XEN
whether can do this.

> Another thing to check. Are you using old broadcom NIC with tg3
> driver? If yes, it's probably firmware problem. On one of my machines
> I can't get bridging to work until I updated its firmware.
>> Another question, does the domain U must need the 8021Q? When one
>> DomainU send one frame to another, will the bridge add the tag to the
>> frame with 8021Q?
>> I have some experiment here:
>> If domain U use the 8021Q module, it will add the tag to the frame by
>> itself and the vlan is setup, bridge doesn't need to add tag. But if
>> domain U doesn't use 8021Q module, I think the bridge will add the tag
>> to the frame, the problem of I have told still exists.  I am confused.
> I'm not sure I understand your question. However you can do these:
> Scenario 1: you can have eth0, create a bridge on top of it, share it
> it domU, and do vlans in domU. It will work if you do NOT create the
> same vlan on dom0 (e.g. do not create eth0.100 on dom0, create it only
> on domUs). You may also need to set
> /proc/sys/net/bridge/bridge-nf-filter-vlan-tagged to 0 (not quite sure
> about this, as it has been a long time since I pass a trunk :P). From
> domU perspective this is similar with connecting to a switch using a
> trunk port.
> Scenario2: you can do vlans on dom0, create a bridge for each vlans,
> and tell domU to use the bridge. From domU perspective this is similar
> with connecting to a switch using an access port.

I think we are saying the same thing.
But I am not familar with the bridge of XEN, I don't know whether it
can implement the trunck link.
For Scenario2, either domain0 or domainU don't need the 8021Q. am I right?

> --
> Fajar

Best regards

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.