[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] DHCP problem in privleged domU from ISP


  • To: "Patrick Wolfe" <pwolfe@xxxxxxxxxxxxxx>
  • From: "Frank DiRocco" <ofanged1@xxxxxxxxx>
  • Date: Mon, 13 Mar 2006 16:13:38 -0500
  • Cc: xen-users@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Mon, 13 Mar 2006 21:14:51 +0000
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=OFHpRiX3lp58+tvgMAyXZ2FkqD7XDEj4lbIUjq+/o8E32/1Sp2hpjGG3sBojuSReq6GclEUwRX4lAKwnd/SdofiOgNlXfBBwbbb3rVyEvmaiFKyEY+0hbtMFbL7P3LP/8HIhWq+BdIIrf0aoQNx0YIq72JBqXuSTIyIl0gb/QtI=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

Now Hear This. From this day forth any whom defy Patrick Wolfe will squander miserably at his feet for forgiveness! Oh great Patrick Please forgive my infidelity. I should never have doubted you!

ok seriously, you were right, a combination of "ifconfig down hw ether 00:01:29:xx:xx:xx; ifconfig eth0 up" and switching the rj-45 cables in the back of my machine got a dhcp address from my isp in no time.

On 3/13/06, Patrick Wolfe <pwolfe@xxxxxxxxxxxxxx > wrote:
I use cable modem too, and have to spoof the mac address of my old sony
laptop, which was the first machine I used on it, three years ago.

A cable modem is a passive bridge device.  It's your pc's mac address
that their DHCP server sees, not the cable modems.  Trust me on this.

On Mon, 2006-03-13 at 15:20 -0500, Frank DiRocco wrote:
> if i was not using a cable modem I would agree with you, but the cable
> modems mac address is what the isp uses. This im sure of because i
> changed the nic on the server im using now to do my routing and I
> didn't have to change anything. I'm going to set up a dhcp server
> localy and see if I get an address, after all its always some stupid
> configuration misspelling >: - P --- Thanks Patrick!
>
> oh and in the domu ifconfig shows the HW mac as 00:a0:cc:xx:xx:xx
> where as the real HW mac is 00:01:29:xx:xx:xx and this is automatic
> from xen I have not set any mac addresses.
>
> On 3/13/06, Patrick Wolfe < pwolfe@xxxxxxxxxxxxxx> wrote:
>         I'll bet your ISP will only serve IP addresses to the MAC
>         address that
>         first used their services.  The easy solution is clone your
>         current
>         internet interface's MAC address.  Find out the MAC address of
>         your
>         current debian box's internet interface, and configure that
>         exact same
>         MAC address on your domU firewall's internet
>         interface.  Another
>         solution is to call the ISP and ask them to change which MAC
>         you are
>         allowed to use.  But if you switch back, you have to call them
>         again.
>
>         As a side note, Xen has it's own assigned manufacturer's MAC
>         address
>         range - 00:16:3e:xx:xx:xx, so instead of your current mac
>         address
>         assignments aa:00:00:xx:xx:xx, you might want to consider
>         using the Xen
>         assigned range.  It probably won't break anything to use the
>         address
>         range you are using now, but somewhere down the road, you or
>         someone
>         else will be tracking down a problem, using a protocol
>         analyzer and not
>         remember that you made up that MAC address range, and won't
>         know what
>         that device is.  If you use the standard range, the protocol
>         analyzer
>         should be able to identify the manufacturer as Xen.
>
>         Good Luck!
>
>         On Mon, 2006-03-13 at 14:23 -0500, Frank DiRocco wrote:
>         > Hello again! I've got my vmware privleged domu running great
>         and a
>         > shorewall based firewall doing all the routing perfectly. so
>         i decided
>         > to use the procedure on my production server (mirrored so no
>         big deal
>         > if it goes down from time to time). the setup is exactly the
>         same as
>         > in vmware:MAC
>         >            ____________________________________
>         >            |     ___________________________            |
>         >            |     |
>         > |           |
>         > eth0----+----|        msxen0 from option-c.com
>         > |----------+------eth1 LAN
>         >            |     |          domu shorewall firewall
>         |
>         > |
>         >            |     |___eth2______________eth3___ |           |
>         >            |              |                                  |
>         > |
>         >            |              |                                  |_DMZ
>         > |
>         >            |              |
>         > |  yes this is broken on purpose so dmz access cannot reach
>         dom0
>         >            |              |
>         > |
>         >            |_______|_________________|__________ |
>         >            |
>         > |
>         >            |             dom 0 w/ dummy
>         module                    |
>         >            |    physdev_dom0_hide=(my nic interfaces)      |
>         MAC
>         >            |___________________________________ | (sorry my
>         asci
>         > stinks)
>         >
>         > as you can hopfully see dom0 only has two interfaces, dummy0
>         and
>         > dummy1. the firewall domu has 4 eth0 eth1 eth2 eth3. The
>         PROBLEM is i
>         > can not get a dhcp address from my ISP, it eventually times
>         out.
>         > Although, the exact same setup on a virtual machine inside
>         my lan,
>         > eth0 recives a dhcp address (localy) with no problems.
>         >
>         > xm list firewall (on both real server and test-server)public
>         > (vif (idx0) (vif0) (mac:aa:00:00:09:3e:fc) (vifname vif 1.0)
>         (bridge
>         > br0) (evtchn 14 4) (index 0))
>         > (vif (idx0) (vif1) (mac:aa:00:00:09:3e:fc) (vifname vif 1.1)
>         (bridge
>         > br0) (evtchn 15 5) (index 1))
>         > (vif (idx0) (vif2) (mac:aa:00:00:09:3e:fc) (vifname vif 1.2)
>         (evtchn
>         > 16 6) (index 2))
>         > (vif (idx0) (vif3) (mac:aa:00:00:09:3e:fc) (vifname vif 1.3)
>         (evtchn
>         > 17 7) (index 3))
>         >
>         > Is there anything I have to do the get the dhcp address from
>         the isp
>         > as oppesed to getting from a debian server on my lan.
>         > All comments questions and whatnot are welcomed and
>         appriciated.
>         >
>         > --
>         > Thank you,
>         > Frank  Di Rocco
>         >
>         > "Does an optimistic person look at a hard drive as half-full
>         or
>         > half-empty?" -ofanged1-at-gmail.com
>         > _______________________________________________
>         > Xen-users mailing list
>         > Xen-users@xxxxxxxxxxxxxxxxxxx
>         > http://lists.xensource.com/xen-users
>         --
>         Patrick Wolfe  ( pwolfe@xxxxxxxxxxxxxx)
>
>
>
>         -----BEGIN PGP SIGNATURE-----
>         Version: GnuPG v1.4.1 (GNU/Linux)
>
>         iD8DBQBEFcvFIibbc6631koRAqr8AKCVs
>         +KvEwD2npRB7iHVgy3EQHgnHQCgiYtU
>         mQnueDO1huydaS+8EAABmRE=
>         =urfO
>         -----END PGP SIGNATURE-----
>
>
>
>
>
> --
> Thank you,
> Frank  Di Rocco
>
> "Does an optimistic person look at a hard drive as half-full or
> half-empty?" -ofanged1-at-gmail.com
--
Patrick Wolfe  ( pwolfe@xxxxxxxxxxxxxx)



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQBEFdmAIibbc6631koRAjwNAJ9d3dBHRGLxsR4Ohu3btJO6MQbqRwCfdNKA
8TNhmUeQq2oPtFOIS47lG/U=
=+owQ
-----END PGP SIGNATURE-----





--
Thank you,
Frank  Di Rocco

"Does an optimistic person look at a hard drive as half-full or half-empty?" - ofanged1-at-gmail.com
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.