[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] network traffic can't be seen by iptables when no bridge presents

To: xen-users@xxxxxxxxxxxxxxxxxxx
From: liang chen <chenlia@xxxxxxxxxxxxxxxxxx>
Date: Wed, 10 Aug 2005 12:05:01 -0400 (EDT)
Delivery-date: Thu, 11 Aug 2005 12:12:55 +0000
List-id: Xen user discussion <xen-users.lists.xensource.com>

In my project, I tried to use iptables, instead of bridge, to direct
networking traffics from one VM to another in one host. What I am doing is
I delete xen-br0, and I have two VMs that have IP addresses of 10.8.0.51
and 10.8.0.52. I use

iptables -t mangle -A FORWARD -d 10.8.0.51 -j ROUTE --oif vif1.0
iptables -t mangle -A FORWARD -d 10.8.0.52 -j ROUTE --oif vif2.0

vif1.0 and vif2.0 are the virtual network interfaces of two VMs. In order
to debug the above rules, I log all the traffics:

iptables -t mangle -A PREROUTING -j LOG --log-level debug --log-prefix
"log-everything"

I ping 10.8.0.52 from 10.8.0.51 and I expect to see the traffics would be
logged. However, I can't see any corresponding traffics are logging. Only
traffics looks like :

IN=lo OUT= ip-source=127.0.0.1 ip-destination=127.0.0.1........

I use tcpdump to listen on vif1.0 and I can see the icmp requsts from
10.8.0.51 to 10.8.0.52.

I am using the kernel linux-2.6.11-xen0. Does anybody have ideas about it?
Is it because there is no bridge presenting?


thanks
liang


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

Prev by Date: Re: [Xen-users] Maximal RAM reservation for Linux-Dom0
Next by Date: [Xen-users] PXE-booting Xen
Previous by thread: [Xen-devel] How to setup CONFIG_SCSI_SATA_VIA=y and CONFIG_SK98LIN=y on a custom xenlinux builds?
Next by thread: [Xen-users] only one external ip
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.