[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] xen networking on Debian with 2 nics

Hello all,
Please can someone offer a suggestion, or if I have misunderstood something vital, point me in the right direction for what I wish to achieve. I installed Debian 3.1, installed Xen and all relevant packages using aptitude (I had to use an unstable repository). The box has 2 nics, one connected to my internal network and one connected to my adsl router as I intend to use this box to host my firewall, vpn and web server Linux boxes as virtual machines. 
Dom0's /etc/network/interfaces:
----------------------------------------
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet manual
      up ifconfig $IFACE 0.0.0.0 up
      up ip link set $IFACE promisc on
      down ip link set $IFACE promisc off
      down ifconfig $IFACE down
----------------------------------------
So I need 2 bridges (so I can get my vpn & firewall machines to allow the right traffic in/out of our network). 
So I run
/etc/xen/scripts/network start bridge=xen-br1 netdev=eth1 antispoof=no
Right?
When I run tcpdump on each of the bridge interfaces I see the expected traffic for that interface. 

Set up a VM with 2 nics with the following config file:
----------------------------------------
kernel = "/boot/vmlinuz-2.6-xenU-tun"
memory = 64
name = "vpn"
nics=2
root = "/dev/hda1 ro"
disk = [ 'phy:/dev/vg00/vpn,hda1,w', 'phy:/dev/vg00/vpnswap,hda2,w' ]
vif = [ 'mac=AA:00:00:07:C5:2C', 'bridge=xen-br0', 'mac=AA:00:00:07:C5:2D', 'bridge=xen-br1' ] 
----------------------------------------
I start the VM up and ipconfig in the VM shows
----------------------------------------
eth0      Link encap:Ethernet  HWaddr AA:00:00:07:C5:2C
         inet addr:192.168.0.230  Bcast:192.168.0.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:858 errors:0 dropped:0 overruns:0 frame:0
         TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:76754 (74.9 KiB)  TX bytes:158 (158.0 b)

eth1      Link encap:Ethernet  HWaddr AA:00:00:01:D2:48
         inet addr:192.168.101.1  Bcast:192.168.101.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:861 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:76912 (75.1 KiB)  TX bytes:0 (0.0 b)

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
----------------------------------------
Which shows a different mac address to the one I am expecting for eth1 as per the config file!! Is this the root of my problem? 

So "brctl show" in Dom0 shows:
----------------------------------------
bridge name     bridge id               STP enabled     interfaces
xen-br0         8000.0008a1349cdc       no              eth0
                                                       vif1.0
                                                       vif1.1
                                                       vif1.2
xen-br1         8000.0008a1349c9f       no              eth1
                                                       vif1.3
----------------------------------------
Which I think is ok! Can anyone confirm?
When in the VM I do a tcpdump on each of the 2 nics I see the same traffic as if both interfaces are bridged with eth0 in Dom0, this is not what I want. I have attempted reinstalling Dom0 from scratch twice and have tried building xen-testing from source but I get the same outcome. At this point I am willing to try almost anything (with the exception of running out and buying more hardware.) I attempted to look for relevant posts to this mailing list, but unfortunately I haven't found anything that appears relevant to my problem. If I have missed stuff please don t flame :) 
Any help would be most appreciated.

Regards

Ian



--------------------------------------------------------------------------------
The information in this message and any attachment is intended for the addressee and is confidential. If you are not that addressee, no action should be taken in reliance on the information and you should please reply to this message immediately to inform us of incorrect receipt and destroy this message and any attachments.
For the purposes of internet level email security incoming and outgoing emails may be read by personnel other than the named recipient or sender.
Whilst all reasonable efforts are made, ASM (UK) Ltd cannot guarantee that emails and attachments are virus free or compatible with your systems. You should make your own checks and ASM (UK) Ltd does not accept liability in respect of viruses or computer problems experienced. 
--------------------------------------------------------------------------------



______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.