[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Xen and routing

Hi James,
Sorry - for some reason I missed this message until now... I've reconfigured eth0 in dom1 without specifying a hardware module. It comes up, but still no access into or out of the network... 

TIA,

Eric

Dom0:

dom0:/# iptables -n -v -L
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination 14613 1342K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 5344 352K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 input_ext all -- eth0 * 0.0.0.0/0 0.0.0.0/0 588 119K input_ext all -- xen-br0 * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-IN-ILL-TARGET ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 

Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination 0 0 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU 0 0 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU 0 0 forward_ext all -- eth0 * 0.0.0.0/0 0.0.0.0/0 596 115K forward_ext all -- xen-br0 * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWD-ILL-ROUTING ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination 14613 1342K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 11 LOG flags 6 level 4 prefix `SFW2-OUT-TRACERT-ATTEMPT ' 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 3 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 9 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 10 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 13 0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 6973 1382K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-OUT-ERROR ' 

Chain forward_dmz (0 references)
pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT-INV ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED icmp type 3 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 0 0 ACCEPT all -- * eth0 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED 0 0 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * xen-br0 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED 0 0 ACCEPT all -- xen-br0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-ICMP-CRIT ' 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 

Chain forward_ext (2 references)
pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT-INV ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED icmp type 3 4 336 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 0 0 ACCEPT all -- * eth0 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED 0 0 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 592 115K ACCEPT all -- * xen-br0 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED 0 0 ACCEPT all -- xen-br0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-ICMP-CRIT ' 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 

Chain forward_int (0 references)
pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT-INV ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED icmp type 3 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 0 0 ACCEPT all -- * eth0 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED 0 0 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * xen-br0 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED 0 0 ACCEPT all -- xen-br0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-ICMP-CRIT ' 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 

Chain input_dmz (0 references)
pkts bytes target prot opt in out source destination 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT-INV ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 

Chain input_ext (2 references)
pkts bytes target prot opt in out source destination 587 119K DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT-INV ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 1 48 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-ACC-TCP ' 1 48 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 reject_func tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 state NEW 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 

Chain input_int (0 references)
pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT-INV ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 

Chain reject_func (1 references)
pkts bytes target prot opt in out source destination 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-proto-unreachable 

-------------------------------------------------------------------------------------------------------------------------------
dom0:/ # ifconfig
eth0      Link encap:Ethernet  HWaddr 00:11:85:F4:87:76
         inet addr:192.168.1.22  Bcast:192.168.1.255  Mask:255.255.255.0
         inet6 addr: fe80::211:85ff:fef4:8776/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:7554 errors:0 dropped:0 overruns:0 frame:0
         TX packets:6522 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:717401 (700.5 Kb)  TX bytes:1512430 (1.4 Mb)
         Interrupt:20

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         inet6 addr: ::1/128 Scope:Host
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:14725 errors:0 dropped:0 overruns:0 frame:0
         TX packets:14725 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:1351344 (1.2 Mb)  TX bytes:1351344 (1.2 Mb)

vif7.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
         inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:13 errors:0 dropped:0 overruns:0 frame:0
         TX packets:88 errors:0 dropped:411 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:754 (754.0 b)  TX bytes:10175 (9.9 Kb)

xen-br0   Link encap:Ethernet  HWaddr 00:11:85:F4:87:76
         inet addr:192.168.1.22  Bcast:192.168.1.255  Mask:255.255.255.255
         inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:7471 errors:0 dropped:0 overruns:0 frame:0
         TX packets:6303 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:550732 (537.8 Kb)  TX bytes:1459651 (1.3 Mb)

--------------------------------------------------------------------------------------------------------------------------------
dom0:/ # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 xen-br0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 xen-br0 
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0 192.168.1.2 0.0.0.0 UG 0 0 0 xen-br0 

--------------------------------------------------------------------------------------------------------------------------------
dom0:/# brctl show
bridge name     bridge id               STP enabled     interfaces
xen-br0         8000.001185f48776       no              eth0
                                                       vif7.0
--------------------------------------------------------------------------------------------------------------------------------
dom0:/# brctl showmacs xen-br0
port no mac addr                is local?       ageing timer
 1     00:08:02:96:ee:f1       no                33.65
 1     00:0d:56:e7:9e:cc       no               235.29
 1     00:11:85:7d:39:af       no                 8.98
 1     00:11:85:7e:51:eb       no               113.87
 1     00:11:85:ee:79:f4       no                 0.00
 1     00:11:85:f2:54:4a       no               290.09
 1     00:11:85:f2:55:be       no                46.89
 1     00:11:85:f4:87:76       yes                0.00
 1     00:c0:9f:46:e4:1b       no               128.81
 1     00:e0:4c:ae:e6:07       no                17.76
 2     fe:ff:ff:ff:ff:ff       yes                0.00

--------------------------------------------------------------------------------------------------------------------------------


In dom1 (I turned the firewall in dom1 off for now):

dom1:/ #  iptables -n -v -L
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination 

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination 
---------------------------------------------------------------------------------------
dom1:/boot # iptables -n -v -L -t nat
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination 

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination 

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination 
----------------------------------------------------------------------------------------

dom1:/ # ifconfig

eth0      Link encap:Ethernet  HWaddr 00:11:85:F4:87:76
         inet addr:192.168.1.25  Bcast:192.168.1.255  Mask:255.255.255.0
         inet6 addr: fe80::211:85ff:fef4:8776/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:55 errors:0 dropped:0 overruns:0 frame:0
         TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:6434 (6.2 Kb)  TX bytes:754 (754.0 b)

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         inet6 addr: ::1/128 Scope:Host
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:14 errors:0 dropped:0 overruns:0 frame:0
         TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:1344 (1.3 Kb)  TX bytes:1344 (1.3 Kb)

----------------------------------------------------------------------------------------
dom1:/boot # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface 
192.168.1.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.1.2   0.0.0.0         UG    0      0        0 eth0




James Bulpin wrote:


On Wed, 2005-05-18 at 16:07, Eric E wrote:

Hi James,
Many thanks for your quick reply, and for the help. I'm now able to see the dom0 machine from the network, but I can't seem to get into our out of dom1. In my domain configuation file for dom1, I've tried the following for the vif: 
1) vif= ['mac=00:xx:xx:xx:xx:xx, bridge=xen-br0']
2) vif = ['bridge=xen-br0']
3) nothing (commented out)
Only 1) creates an eth0 interface in dom1, and even then I can't see any IP addresses on my network such as 192.168.1.10 from within dom1, nor can I ping the machine's address from dom0 or elsewhere on the network. 

Can you give me the output of the following:

in dom0:

iptables -n -v -L
iptables -n -v -L -t nat
ifconfig
route -n
brctl show
brctl showmacs xen-br0

in domU booted using your 1) above:

iptables -n -v -L
iptables -n -v -L -t nat
ifconfig
route -n

Regards,

James






_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.