[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] firewalls and Xen

To: xen-users@xxxxxxxxxxxxxxxxxxx
From: Kevin Monroe <kevin@xxxxxxxxxxxxxxx>
Date: Wed, 08 Mar 2006 20:01:12 -0600
Delivery-date: Thu, 09 Mar 2006 12:55:26 +0000
List-id: Xen user discussion <xen-users.lists.xensource.com>

Patrick Wolfe wrote:

On Tue, 2006-03-07 at 15:00 -0600, Kevin wrote:

The domU's can access anyone without trouble.  Dom0 can successfully ping any 
IP address, but cannot connect to remote services.
From dom0, attempting a wget of google's homepage (64.233.187.99) shows the 
connection is successful, but the request times out


It sounds like you haven't run 'ethtool -K eth0 tx off' on dom0.

You need to run that command on every xen virtual ethernet interface, or
you get corrupt checksums on random packets.  You can verify this by
running 'tcpdump' or 'ethereal' while doing the wget.

I hope this fix this problem by 3.0.2.  It's sure annoying.

You were exactly right Patrick; the following patch for/etc/xen/scripts/network-bridge (thanks Nicholas --http://lists.xensource.com/archives/html/xen-users/2006-02/msg00747.html) worked for me in fixing up my dom0's eth1:


      add_to_bridge2 ${bridge} ${pdev}
      do_ifup ${netdev}
      + # disable ip checksum offloading for veth device
      + [ -x /usr/sbin/ethtool ] && /usr/sbin/ethtool -K ${netdev} tx off


Thanks again,
-Kevin


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

References:
- Re: [Xen-users] firewalls and Xen
  - From: Kevin

Prev by Date: [Xen-users] default dom0 memory size is very large
Next by Date: Re: [Xen-users] Bridging and VLANs 802.1Q trunk
Previous by thread: Re: [Xen-users] firewalls and Xen
Next by thread: AW: [Xen-users] Problem booting domU
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.