Xen project Mailing List

Re: [Xen-users] Re: problems with xen installation

From: Fernando Maior <fernando.souto.maior@xxxxxxxxx>

Date: Mon, 2 Jan 2006 08:48:03 -0200

Cc: Xen-users <xen-users@xxxxxxxxxxxxxxxxxxx>

Delivery-date: Mon, 02 Jan 2006 10:53:07 +0000

Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Dhb9EHKHG/I1xHaS8dPRivTAe7YuJusdWt4aDfeQa3YfyOlvd7xqbH1+3RLxynvN0ReGRpgzzn1LprftxlBwzheqcMoPjzWE3Y3f8v0wAs/mZ1yiF7hHpXBKk4SOy2T+dHtCbnVp4XFD/GRD2hfDl41nFF0Z4zm0eVUCTwHdyJU=

List-id: Xen user discussion <xen-users.lists.xensource.com>

On 12/30/05, Anand <xen.mails@xxxxxxxxx> wrote: > Dear Fernando, > > Thanks for the information. > > I looked at the vif-bridge file however confused on how to proceed. First as > Andy pointed out the foremost point would be to get a constant vifname > everytime the domain starts up only then any bandwidth calculation could > work. > > Looks like i need to get my hands on someone who knows more on this and > perhaps help me achieve this since i am unable to work on it much :(( > > On 12/30/05, Fernando Maior <fernando.souto.maior@xxxxxxxxx> wrote: > > On 12/30/05, Anand <xen.mails@xxxxxxxxx> wrote: > > > Dear Andy, > > > > > > Thanks for all the help. I will try it out. > > > > > > > > > On 12/30/05, Andy Smith < andy@xxxxxxxxxxxxxx> wrote: > > > > > > > > On Fri, Dec 30, 2005 at 08:23:42PM +0530, Anand wrote: > > > > > > > > > > Dear Andy, > > > > > Thanks for the reply. > > > > > >As you noted the vif name will change every time a domain is > > > > > >restarted. In Xen 2.x you can use the vifname config directive > to > > > > > >hardcode vif names per domain. You can also do this in 3.0 if > you > > > > > >use a snapshot of -unstable that has this functionality > (apologies, > > > > > >I do not know exactly when it was (re)added). > > > > > Thanks, thats indeed excellent news. May i ask is the snapshot > stable > > > > > enough to use on the production box (sorry if it sounds a stupid > > > > > question to you). I am using 3.0 stable rpm from xensource on > centos > > > > > 4.1 right now. > > > > > > > > I can't advise on this I'm afraid as I'm not using it heavily in > > > > production. > > > > > > > > It works nicely in the latest 2.x which is what I'm running in > > > > production. > > > > > > > > > >You can measure the bandwidth use of the vif interfaces in dom0, > > > > > >either by parsing /proc/net/devices periodically or by polling > SNMP. > > > > > This will give the problem of the vifname changing everytime and > > > hence > > > > > loosing track of the vif to whom the bandwidth should be > accounted > > > to. > > > > > > > > Yes you do need to use vifname for this to work. > > > > > > > > > >Finally you could also use iptables in dom0 and the physdev > module > > > > > >to add rules for traffic going in/out particular vifs, and poll > its > > > > > >counters to measure bandwidth. > > > > > Is it possible for you to direct me to some examples ? It will > really > > > > > help. > > > > > > > > This too requires static vif names. Off the top of my head: > > > > > > > > iptables -N accounting_in > > > > iptables -N accounting_out > > > > > > > > iptables -A FORWARD -m physdev --physdev-out vif+ -j accounting_in > > > > iptables -A FORWARD -m physdev --physdev-in vif+ -j accounting_out > > > > > > > > iptables -A accounting_in -m physdev --physdev-out vif-foo+ -j RETURN > > > > iptables -A accounting_out -m physdev --physdev-in vif-foo+ -j RETURN > > > > > > > > The above iptables commands check all forwarded traffic to see if it > > > > came from/to a vif, if they do they are checked to see if they > > > > specifically went through an interface name matching "vif-foo*". > > > > You can then use > > > > > > > > iptables -v --list accounting_in > > > > iptables -v --list accounting_out > > > > > > > > to view the packet and byte counters for those tables. > > > > > > > > Note this matches only IP traffic. You'll need to use ip6tables to > > > > match IPv6. > > > > > > > > Without static vif names you could add rules to the bridge interface > > > > and try to match only things going to or coming from the IP > > > > addresses that you have assigned but that seems even more hackish to > > > > me.. > > > > > > > > > > > > > > > > -----BEGIN PGP SIGNATURE----- > > > > Version: GnuPG v1.4.1 (GNU/Linux) > > > > > > > > > > > > iD8DBQFDtU7SIJm2TL8VSQsRAtBrAKDW6fAWiPi3DoMD3hG2375VEBoONQCgpTvA > > > > poJ7lh1XIbW7dwT/PhuLqh0= > > > > =xw9q > > > > -----END PGP SIGNATURE----- > > > > > > > > > > > > _______________________________________________ > > > > Xen-users mailing list > > > > Xen-users@xxxxxxxxxxxxxxxxxxx > > > > http://lists.xensource.com/xen-users > > > > > > > > > > > > > > > > > _______________________________________________ > > > Xen-users mailing list > > > Xen-users@xxxxxxxxxxxxxxxxxxx > > > http://lists.xensource.com/xen-users > > > > > > > > > > Anand, > > > > You can tweak /etc/xen/scripts/vif-bridges in order to include the > > iptables {add|delete} rules when the domain is started/shutdown. > > > > -- > > Bye, > > Fernando Maior > > LPIC/1(31908) > > LinuxCounter(391325) > > > > Anand, I just started and then shutdown a domain. Rules on iptables were created, but NOT deleted. Should be some problem running the shutdown scripts, take care about them! -- Bye, Fernando Maior LPIC/1(31908) LinuxCounter(391325) _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.