Xen project Mailing List

Re: [Xen-devel] Network issues with SuSE firewall

To: "Gregory Newby" <newby@xxxxxxxx>

From: Ian Pratt <Ian.Pratt@xxxxxxxxxxxx>

Date: Sat, 08 Nov 2003 01:57:36 +0000

Cc: xen-devel@xxxxxxxxxxxxxxxxxxxxx, Ian.Pratt@xxxxxxxxxxxx

Delivery-date: Sat, 08 Nov 2003 01:59:32 +0000

List-id: List for Xen developers <xen-devel.lists.sourceforge.net>

> > Very odd. Any chance you can get a serial line on the system? > > The other domain's boot messages should also come out on serial. > > Yes, I brought in a null modem. I'll try this. This will be very intersting. > > > > Please can you send me the output from running xenctl, and the > > > > console message from the booting domain. > > > > > > Yep. Maybe the output from the "xenctl script..." startup is > > > informative. This is with the default /etc/xen-mynewdom, containing: > > > > I take it that you're wanting to boot with the initrd copied > > off the CD, and use the CD for the new domain's /usr ? > > Huh? No, that's the first I heard about that. > > I'm using the standard /usr > > This could explain a lot. How am I supposed to make > the CD's /usr available to the domains? The easiest thing to do for testing is to put the CD in the drive. You really need to install other filesystems (on either real partitions or virtual disks) for other domains, or export them from domain 0 via local NFS. > > an sshd, but I think your problem lies elsewhere... > > sshd listens on port 22. By "telnet HOSTNAME 22" I'm trying > to connect to the ssh port. The advantage of doing it this way > is that the client & negotiation don't matter... just the > ability to connect. I missed the final "22". > The NAT rules in iptables redirects port 22 on 169.254.1.3 > (in this case) to port 2203 on 169.254.1.0. So, theoretically, > "telnet 169.254.1.3 22" is the same as "telnet 169.254.1.0 2203". > To actually login, > ssh root@xxxxxxxxxxx > or ssh -p 2203 root@xxxxxxxxxxx I'm still nervous about the NAT/firewall set up. Seeing as you're only using local networking for this, you shouldn't need xen_nat_enable at all -- just reboot and bring up eth0:0 by hand. After starting a new domain you should be able to ping and ssh root@xxxxxxxxxxx if things are well. > > What happens if you run tcpdump in domain0. Do you see any > > packets arriving at 169.254.1.0 ? > > Yes. Here is "grep 169" from a tcpdump log while I tried (from > domain0) "telnet 169.254.1.3 22" (yes, the arp reply matches > eth0's MAC): It would be interesting to see if you receive any packets while the domain is booting (console packets). Ian ------------------------------------------------------- This SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, MySQL, WebDAV, and more! http://www.apachecon.com/ _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.