[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] firewall messing xen setup

  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: zuaago <zuaago@xxxxxxxxx>
  • Date: Mon, 16 Jul 2007 00:25:59 +0200
  • Delivery-date: Sun, 15 Jul 2007 15:23:47 -0700
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type; b=uIpBrwU4+VsBxrCqRZFpc4ZLJydlSlt4JBx9j9ze8GcFTHseupgevj9H0m1Xw60YltEBDLvANhUS6u0kS2IeYk/nx9iNr+youZ9CWosBfRMB4TNqxfWF0L8+U3NDJP4VDgl16X7dZcuwWmUOcZkt1pLl2ny3hRfGjWbg4E593+I=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

hi all,

i'm trying to understand how networking works on xen, but the firewall is messing the setup and i don't know why (it shouldn't block connections of the virtual interfaces!)..

i've the following setup: suse 10.2 with 2 network interfaces, the first one remains untouched by xen and is used only by the server itself -no problem-. the second one runs on another network and is managed by xen. the second interface doesn't work when the firewall is activated and server and virual-server can't see each other. none of them can connect to any other hosts of this second network.

bridge is up and running:

# brctl show xenbr1
bridge name     bridge id               STP enabled     interfaces
xenbr1          8000.feffffffffff       no              vif0.1

everything seems to be correct, interfaces are:

eth0 - network 1 - xen doesn't use it, works well
eth1 - network 2 - xen manages it, does not work when firewall is enabled
vif0.1 - eth1 on server
vif1.0 - eth0 on virtual server

what's what i'm missing about xen networking? the server firewall should only block connections directed to him, but not those of the virtual server, is it right? i have tried to put this interface on the internal zone (no port is blocked) and doen't work, i've activated forwarding, doesn't work.. only when the firewall is stopped everything works fine..
any help would be appreciated!



Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.