
[Xen-users] xen bridge and NAT


  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: "Christian Lyra" <lyra@xxxxxxxxxxxxx>
  • Date: Mon, 12 Nov 2007 23:47:14 -0200
  • Delivery-date: Mon, 12 Nov 2007 17:48:18 -0800
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

Hi,

I'm trying to set up the following scenario:

<intranet> ------------->| xen bridge=intranet |  eth1  | -------> <internet>
<virtual_machines> ----->|     netdev=eth0     |  <nat> |

I mean, I have a xen machine with two nics, one connected to an
intranet and the other to the internet. As I want virtual machines and
real intranet machines on the same network I'm using the xen bridge
scripts to create a bridge called "intranet". This works as expected
and virtual machines, real machines and xen can all "see" and ping
each other. But xen is not NATing the packets sent to internet! I can
see the packets coming out unnated.

The relevant configs:

/etc/xen/xend-config.sxp

(network-script 'network-bridge netdev=eth0 bridge=intranet')
(vif-script vif-bridge)

/etc/network/interfaces

auto eth0
iface eth0 inet static
        address 10.0.0.254
        netmask 255.255.255.0

auto eth1
iface eth1 inet static
        address 192.168.0.22
        netmask 255.255.255.0
        gateway 192.168.0.1

/etc/network/nat.sh

#!/bin/sh
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward


A tcpdump -n -i eth1 shows packets coming out unnated. Is this
expected? Is there a way to make this work as expected?

-- 
Christian Lyra
PoP-PR/RNP

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 

