[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] weird issue with xen, bridging, and apache

  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: vahram <vahram@xxxxxxxxx>
  • Date: Thu, 4 Oct 2007 18:40:58 -0700
  • Delivery-date: Thu, 04 Oct 2007 18:41:49 -0700
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=kwZ6R8w0k5oTYvIIPcn4Fat884bWldthok3tWrOnOBfcJEOQFPVViKH9BPr/Du5WADp63rWPARzJYm9U5pVBL7XFHjwUpgkdOHIkK2RQdvVwSQQdlghNkB3glk21IOmeS1oI/fN3oSxChynPaBW3miL50KtzjamBYyZSDaiN0xU=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>


I've had 2 separate problems today with one of our CentOS 5 machines
running Xen and Centos 5 domU's.  The machine has two network cards --
eth0 is a public IP, and eth1 is a 10.1.0.x IP.

I setup bridging by using:
(network-script my-network-script)
(vif-script vif-bridge)

The contents of my-network-script:

dir=$(dirname "$0")
"$dir/network-bridge" "$@" vifnum=0 netdev=eth0
"$dir/network-bridge" "$@" vifnum=1 netdev=eth1

1st problem -- when the machine reboots, the peth* interfaces don't
get created, and I can't ping my DomU's from Dom0 and vice-versa.  I
have to shut down xen, run /etc/xen/scripts/my-network-script stop,
and then run /etc/xen/scripts/my-network-script.  Only then will the
proper interfaces get created, and everything will then work.  This
happens to be after doing a yum update (which installed a new xen
kernel and xen-libs), so I hope it has nothing to do with that....

2nd problem -- one of my DomU's has a public IP on eth0 and private IP
on eth1.  I can ping everything from everywhere.  If i'm on my private
network, i can telnet to port 80 on the domU and Apache will respond.
If I try to telnet to port 80 from outside the network over the public
IP, Apache will hang.  The request is recorded in Apache's log file,
but nothing is returned.  I tried completely disabling iptables and
running ethtool -K eth1 tx off and ethtool -K eth0 tx off, but that
doesn't seem to have done the trick.  I also tried enabling the
firewall and logging dropped requests, and this is what I got:

IN=eth0 OUT= MAC=00:16:3e:2f:1e:40:00:13:c4:40:8d:40:08:00
SRC=xxx.xxx.xxx.xxx DST=yyy.yyy.yyy.yyy LEN=48 TOS=0x00 PREC=0x00
TTL=115 ID=55731 DF PROTO=TCP SPT=3624 DPT=5900 WINDOW=65535 RES=0x00



Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.