[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] virtual routing issue



Ernie Fontes wrote:

> My machine (192.168.103.23) is on the network with my router
> (192.168.103.1).  The virtual router, tiara, has to connect my
> 192.168.103.* network with the virtual 10.0.0.* network which comprises
> two other virtual domains, tophat and bowler.
> 
> The three virtual machines are all running Fedora (hence the names).
> 
> I can ping between tiara, tophat, and bowler.  I can also ping from
> tiara out to 192.168.103.1, 192.168.103.23, and the Internet.
> 
> However, I cannot ping 192.168.103.23, 192.168.103.1, or the Internet
> from tophat or bowler (which are routed through tiara).

1) Have you got IPforwarding enabled on Tiara? Do:
~# sysctl -w net.ipv4.ip_forward=1

2) Have you got correct routing tables on other hosts of your network
(most importantly on the router .103.1)? There must be an explicit route
to 10.0.0.0/24, e.g. do this on the router:
~# ip route add 10.0.0.0/24 via 192.168.103.30

Then you should be able to ping the router from Bowler/Tophat.

3) For accessing the internet from domains you need to makesure that the
router is SNATing (or masquerading) 10.0.0.0/24 to your public IP
address. Check your iptables rules for that (assuming your router is
Linux of course).

4) As an excercise read something about "proxy arp" and try to deploy
bowler/tophat directly on 192.168.103.0/24 network. With that approach
there would be no other changes necessary to your network ;-)

HTH,

Michal Ludvig
-- 
* Personal homepage: http://www.logix.cz/michal




_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.