
[Xen-users] DOMU loses outside connection



When I start xen dom0 I get the same dhcp address for eth0 and for
xen-br0, dom0 can talk to the world.  If I start each of my 3 domU's
manually, each guest gets a xen-br0 vif with a dhcp address and all 3
can talk to the outside world and each other (my "flat network").

What I want is a tiered network with the first domU acting as a firewall
with 3 nics:

vif = [ 'mac=aa:00:00:aa:99:10, bridge=xen-br0', 'mac=00:00:00:aa:99:11,
bridge=xen-brDMZ', 'mac=00:00:00:aa:99:12, bridge=xen-brINT' ]

When I run the script below, the second and third domains can reach the
firewall and each other on nets 192.168.10.0/24 via xen-brDMZ and can
reach 192.168.120/24 via xen-brINT. With forwarding and routing applied,
I can communicate to/from the 10 net and the 120 net also.

However, after running the script below the first domU loses connection
with xen-br0 and thus loses connection with the outside world.  Any
ideas on how to preserve xen-br0 connectivity?

Thanks

********************My Start Bridge  Script**************************

#!/bin/bash
#  /etc/xen/xen_start_bridges.batch
# 
# 
# enable forwarding in xen0
echo "1" > /proc/sys/net/ipv4/ip_forward
#
# disassociate old vif's if they are still around
brctl delif xen-br0 vif1.1
brctl delif xen-br0 vif1.2
brctl delif xen-br0 vif2.1
brctl delif xen-br0 vif3.1
#
#
# add internal bridge between the Firewall guest and the
# AppDatabaseDS guest
brctl addbr xen-brINT
brctl stp xen-brINT off
ifconfig xen-brINT up
#
#
# add a bridge between the Firewall guest and the
# DMZwebserver guest
brctl addbr xen-brDMZ
brctl stp xen-brDMZ off
ifconfig xen-brDMZ up
#
#
# show what exists to verify
xm list
echo " "
brctl showmacs xen-br0
echo " "
brctl showmacs xen-brDMZ
echo " "
brctl showmacs xen-brINT
echo " "
#
# start the 3 guests
xm create /etc/xen/xm1firewall
xm create /etc/xen/xm2webserver
xm create /etc/xen/xm3idsappdb
#
# /etc/xen/scripts   run the network script 4 times to
# associate the bridges with xend
cd /etc/xen/scripts
# ./network start bridge=xen-br0 netdev=vif1.0 antispoof=yes
# ./network start bridge=xen-br0 netdev=vif2.0 antispoof=yes
# ./network start bridge=xen-br0 netdev=vif3.0 antispoof=yes
./network start bridge=xen-brDMZ netdev=vif1.1 antispoof=yes
./network start bridge=xen-brDMZ netdev=vif2.1 antispoof=yes
./network start bridge=xen-brINT netdev=vif1.2 antispoof=yes
./network start bridge=xen-brINT netdev=vif3.1 antispoof=yes




-- 
Mike & Deb Hoesing <m-d-hoesing@xxxxxxx>
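
A diagnostic for the symptom described in the post, as an added example that is not part of the original message: it parses `brctl show` output and reports any vif that is not a port of the bridge the post's vif= line and script intend. The function names, the sample output and the assumption that the guests get domain IDs 1 to 3 (as the script's vif names imply) are illustrative.

```shell
#!/bin/bash
# Added example: verify vif-to-bridge attachment from `brctl show` output.
# Expected layout comes from the post's vif= line and ./network calls; the
# vif names assume the guests received domain IDs 1, 2 and 3.
EXPECTED="vif1.0 xen-br0
vif1.1 xen-brDMZ
vif1.2 xen-brINT
vif2.1 xen-brDMZ
vif3.1 xen-brINT"

# Turn `brctl show` output (stdin) into "interface bridge" pairs.
parse_brctl_show() {
    awk 'NR == 1 { next }                        # header line
         NF >= 4 { br = $1; print $4, br; next } # bridge row with first port
         NF == 3 { br = $1; next }               # bridge row with no ports
         NF == 1 { print $1, br }'               # continuation row: port only
}

# Print one line per expected vif that is missing or on the wrong bridge.
# Returns 0 when the layout matches, 1 otherwise.
check_layout() {
    local actual rc=0 vif want got
    actual=$(parse_brctl_show)
    while read -r vif want; do
        got=$(printf '%s\n' "$actual" | awk -v v="$vif" '$1 == v { print $2 }')
        if [ "$got" != "$want" ]; then
            echo "$vif: expected $want, found ${got:-none}"
            rc=1
        fi
    done <<EOF
$EXPECTED
EOF
    return $rc
}

# Constructed sample (not captured from a real host): the firewall's vif1.0
# is no longer a port of xen-br0, matching the lost outside connection.
SAMPLE='bridge name     bridge id               STP enabled     interfaces
xen-br0         8000.feffffffffff       no              eth0
                                                        vif2.0
                                                        vif3.0
xen-brDMZ       8000.feffffffffff       no              vif1.1
                                                        vif2.1
xen-brINT       8000.feffffffffff       no              vif1.2
                                                        vif3.1'

# On a live dom0 this would be: brctl show | check_layout
printf '%s\n' "$SAMPLE" | check_layout || true
```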

