[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] XEN, VLANs and network problems

To: xen-users <xen-users@xxxxxxxxxxxxxxxxxxx>
From: Stephan Seitz <nur-ab-sal@xxxxxx>
Date: Fri, 20 Jul 2007 16:11:28 +0200
Delivery-date: Fri, 20 Jul 2007 07:09:25 -0700
List-id: Xen user discussion <xen-users.lists.xensource.com>
Mail-followup-to: xen-users <xen-users@xxxxxxxxxxxxxxxxxxx>

Hi!

Iâm trying to expand a XEN environment. The hardware has two NICs joinedtogether by the bonding driver. All traffic between the switch and thebond0 interface has VLAN tags.

At the beginning I had only DomUs in two VLANs which I configured in thefollowing way:

- I created dummy vlan interfaces without IP address;
- I created bridges with one connection to the dummy vlan interfaces;
- the VIFs of the DomUs where configured to attach to the given bridge:

With this the DomUs will only see the untagged traffic of their networks.

Debian-Example:
/etc/network/interfaces:
[snip]
auto vlan10
iface vlan10 inet manual
        vlan-raw-device bond0
auto xenbr10
iface xenbr10 inet manual
        bridge_ports vlan10
        bridge_maxwait 0
[snip]

Everything worked as planned, but now I have a DomU needing more thanthree NICs (and I will need another DomU needing 9). I realized that XENsupports only three virtual NICs.


What to do now?
I tried to create a new bridge directly attached to bond0:
auto xenbrefw0
iface xenbrefw0 inet manual
        bridge_ports bond0
        bridge_maxwait 0

and using VLANs within the DomU. But this worked not at all. Trying toping a host outside the XEN environment but in the same network from thisDomU I can see ARP requests going to the target host (sniffing at bond0).The target host is receiving the ARP requests and answered them, butI canât see the ARP replies at the bond0 interface, so the DomU doesnâtsee any answers as well.


The question is why? How can I configure this situation correctly?

Another problem is that the new DomU directly attached to bond0 would seemore networks as it should. How can I restrict this? Could I use ebtablesto filter allowed VLANs between bond0 and the xenbrefw0?


Any help in this matter is appreciated.

Shade and sweet water!

        Stephan

--
| Stephan Seitz                    E-Mail: Nur-Ab-Sal@xxxxxx |
| PGP Public Keys: http://fsing.rootsland.net/~stse/pgp.html |

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

Prev by Date: Re: [Xen-users] x11 why?
Next by Date: Re: [Xen-users] xm list doesn't work
Previous by thread: [Xen-users] x11 why?
Next by thread: [Xen-users] Zombie domU
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.