[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] NAT on 3.0.2?

On Wed, 9 Aug 2006, Henning Sprang wrote:

> On 8/8/06, John Wells <groups@xxxxxxxxxxxxxxxxxxxxx> wrote:
> > Guys,
> >
> > Can anyone point me on documentation that shows how to properly use NAT on
> > 3.0.2? I've got bridging working fine, but trying to switch to NAT has
> > given me problems.
> >
> > I've tried following the documentation here
> > (http://www.howtoforge.com/perfect_setup_xen3_debian_p6) to no avail. I
> > know I'm likely missing a few steps.
> 
> 
> What exactly is not working?

He seems to be at the same spot (or close) to where I was at...

http://lists.xensource.com/archives/html/xen-users/2006-07/msg00368.html

you can see packets leaving the domU, getting NAT'd by the dom0, going out 
to an external box, being echoed back...

And here is where I run into trouble. I remember seeing the return packets 
on peth0 and not eth0 as John describes, but that means I still had a 
bridging config alive... and _that_ seems to trigger the kernel 
issue?/bug? which produces an error message

  "Performing cross-bridge DNAT requires IP forwarding to be enabled"

and the packets not to make it across the bridge to dom0... and of course, 
if dom0 doesn't get them, they do not get NAT'd back for forwarding to 
domU.

I guess the problem is mixing bridging and routed modes. That said, I am 
not sure I ever got it to work correctly, even using both the 
network-script and the vif-script (I should test it... but my current test 
configs are AOE based, and pretty much _must_ be bridged.)

I had spare IP addresses, so I just assigned a real IP and skipped trying 
to do NAT.

-Tom


> 
> Henning
> 
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
> 
> 

----------------------------------------------------------------------
tbrown@xxxxxxxxxxxxx   | Courage is doing what you're afraid to do.
http://BareMetal.com/  | There can be no courage unless you're scared.
                       | - Eddie Rickenbacker

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.