|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-users] Fully virtualized networking issues.
Hope someone can help me here, apologies if this has been asked before: I have two separate interfaces on the host XEN machine: eth0 and eth1. eth1 is 192.168.2.220 on a /24 subnet with a router of 192.168.2.254 eth0 is 192.168.1.220 on a /24 subnet with a router of 192.168.1.254because eth1 comes up second, the default route of the machine is 192.168.2.254 (these machines get their IP via static DHCP assignment) I've setup my own networking-script which brings up/establishes xenbr0.The guest machine (fully virtualized windows server 2003 32-bit) acquires a DHCP lease on xenbr0 (eth0, 192.168.1.0/24 network) successfully for the right interface. However, when trying to do the same thing for the second network card (xenbr1) the DHCP request never makes it out of the xen host, it's as if the xen hosts drops the request, sends it with bad data, or something else, I can't really tell.The firewall is off, xenbr0/eth0 works fine, xenbr1/eth1 doesn't send traffic at all (alternatively, traffic to a non-local destination goes out eth1 fine, so the eth1 interface works fine; it's the bridge that doesn't work)
Here's some configuration information in case it is of any help:
[root@xen1 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:1A:92:E5:77:76
inet addr:192.168.1.220 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::21a:92ff:fee5:7776/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:243 errors:0 dropped:0 overruns:0 frame:0
TX packets:271 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:19996 (19.5 KiB) TX bytes:48256 (47.1 KiB)
eth1 Link encap:Ethernet HWaddr 00:1A:92:E5:77:3B
inet addr:192.168.2.220 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::21a:92ff:fee5:773b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:73 errors:0 dropped:0 overruns:0 frame:0
TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6753 (6.5 KiB) TX bytes:7778 (7.5 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2277 errors:0 dropped:0 overruns:0 frame:0
TX packets:2277 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2872356 (2.7 MiB) TX bytes:2872356 (2.7 MiB)
peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:268 errors:0 dropped:0 overruns:0 frame:0
TX packets:296 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:22568 (22.0 KiB) TX bytes:53426 (52.1 KiB)
Interrupt:24
peth1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:84 errors:0 dropped:0 overruns:0 frame:0
TX packets:26 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7749 (7.5 KiB) TX bytes:7744 (7.5 KiB)
Interrupt:16
tap0 Link encap:Ethernet HWaddr A2:66:BD:2D:86:3B
inet6 addr: fe80::a066:bdff:fe2d:863b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:354 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 b) TX bytes:46335 (45.2 KiB)
tap1 Link encap:Ethernet HWaddr FE:05:7F:68:DA:ED
inet6 addr: fe80::fc05:7fff:fe68:daed/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:69 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 b) TX bytes:8990 (8.7 KiB)
vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:332 errors:0 dropped:0 overruns:0 frame:0
TX packets:269 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:57442 (56.0 KiB) TX bytes:21556 (21.0 KiB)
vif0.1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:28 errors:0 dropped:0 overruns:0 frame:0
TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7778 (7.5 KiB) TX bytes:6753 (6.5 KiB)
vif1.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:32
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
vif1.1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:32
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
xenbr0 Link encap:Ethernet HWaddr A2:66:BD:2D:86:3B
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:132 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15745 (15.3 KiB) TX bytes:0 (0.0 b)
xenbr1 Link encap:Ethernet HWaddr FE:05:7F:68:DA:ED
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:83 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:12037 (11.7 KiB) TX bytes:0 (0.0 b)
[root@xen1 ~]# cat /etc/xen/scripts/my-network-script
#!/bin/sh
dir=$(dirname "$0")
"$dir/network-bridge" "$@" vifnum=0
"$dir/network-bridge" "$@" vifnum=1
(originally this also had bridge information in it, apparently it's not
a big deal if it's written this way; it also didn't work the previous
way so this was something different)
[root@xen1 ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destinationACCEPT all -- anywhere anywhere PHYSDEV match --physdev -in vif1.1 Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@xen1 ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destinationACCEPT all -- anywhere anywhere PHYSDEV match --physdev-in vif1.1 Chain OUTPUT (policy ACCEPT) target prot opt source destinationforwarding is turned off, but we're not doing routing here and I'm using bridging anyways... doesn't matter if this rule is there or not; tried it with it there and removed as well - didn't affect anything. Nov 19 14:06:40 localhost kernel: tun: Universal TUN/TAP device driver, 1.6Nov 19 14:06:40 localhost kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@xxxxxxxxxxxx> Nov 19 14:06:40 localhost kernel: device tap0 entered promiscuous mode Nov 19 14:06:40 localhost kernel: device tap1 entered promiscuous modeNov 19 14:06:40 localhost kernel: xenbr0: port 3(tap0) entering learning state Nov 19 14:06:40 localhost kernel: xenbr0: topology change detected, propagating Nov 19 14:06:40 localhost kernel: xenbr0: port 3(tap0) entering forwarding state Nov 19 14:06:40 localhost kernel: xenbr1: port 3(tap1) entering learning state Nov 19 14:06:40 localhost kernel: xenbr1: topology change detected, propagating Nov 19 14:06:40 localhost kernel: xenbr1: port 3(tap1) entering forwarding state Nov 19 14:06:42 localhost avahi-daemon[2874]: New relevant interface tap0.IPv6 for mDNS. Nov 19 14:06:42 localhost avahi-daemon[2874]: Joining mDNS multicast group on interface tap0.IPv6 with address fe80::a066:bdff:fe2d:863b. Nov 19 14:06:42 localhost avahi-daemon[2874]: Registering new address record for fe80::a066:bdff:fe2d:863b on tap0. Nov 19 14:06:42 localhost avahi-daemon[2874]: New relevant interface tap1.IPv6 for mDNS. Nov 19 14:06:42 localhost avahi-daemon[2874]: Joining mDNS multicast group on interface tap1.IPv6 with address fe80::fc05:7fff:fe68:daed. Nov 19 14:06:42 localhost avahi-daemon[2874]: Registering new address record for fe80::fc05:7fff:fe68:daed on tap1. Nov 19 14:06:42 localhost kernel: device vif1.0 entered promiscuous mode Nov 19 14:06:42 localhost kernel: device vif1.1 entered promiscuous modeNov 19 14:06:42 localhost kernel: ADDRCONF(NETDEV_UP): vif1.0: link is not ready Nov 19 14:06:42 localhost kernel: ADDRCONF(NETDEV_UP): vif1.1: link is not ready Nov 19 14:06:42 localhost kernel: loop: loaded (max 8 devices)Nov 19 14:06:42 localhost kernel: ip_tables: (C) 2000-2006 Netfilter Core Team Nov 19 14:06:42 localhost logger: /etc/xen/scripts/vif-bridge: iptables -A FORWARD -m physdev --physdev-in vif1.0 -j ACCEPT failed. If you are using iptables, this may affect networking for guest domains. Nov 19 14:06:48 localhost init: open(/dev/pts/0): No such file or directory Nov 19 14:06:48 localhost init: open(/dev/pts/0): No such file or directoryNov 19 14:06:49 localhost pcscd: winscard.c:219:SCardConnect() Reader E-Gate 0 0 Not Found I noticed the rule failure; I ran the command myself with success (no error message or state); did not affect the guest's networking issue. [root@xen1 ~]# netstat -rn Kernel IP routing tableDestination Gateway Genmask Flags MSS Window irtt Iface 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 192.168.2.254 0.0.0.0 UG 0 0 0 eth1 any suggestions people? apologies for the long email; everything I've read says this works fine, but not for me; so I must be doing something wrong. Using CentOS 5, Xen version 3.0.3-25.0.4 libs same version. David Todd _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |