[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] 802.1Q VLAN vs xenbr0

  • To: Tiago Cruz <tiagocruz@xxxxxxxxxxxx>
  • From: Dariusz Malec <dariusz.malec@xxxxxxxxx>
  • Date: Thu, 06 Mar 2008 09:38:46 +0100
  • Cc: xen-users@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Thu, 06 Mar 2008 00:40:53 -0800
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:x-enigmail-version:openpgp:content-type:content-transfer-encoding; b=yHbzjjeLBkTClMI6YkqtW3lDKFquFcmQBrXiu8jD3rEfZj2/nwYmL9/xsIfjaoIY9OVq9zqDyM7BZEJqVlyXowLCzA6IwZrTE5LWhaO+dMC7p+/xku4X2sFAgvi89/oei0bDPEMthdV1LI3uX21pDeqHBnM7BLi0AGn8VEA+0Vo=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
  • Openpgp: id=27A3383F; url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x27A3383F
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Tiago Cruz pisze:
> On Wed, 2008-03-05 at 20:16 +0100, Dariusz Malec wrote:
> 
>> brctl addbr xenbr0
>>
>> This command will create a bridge named xenbr0 and that name is also a
>> interface name which you can assign ip address or use just as a bridge
>> itself.
> 
> Hello Malec,
> 
> Thanks for your tip.
> 
> But, when I does this command:
> ïbtctl addif xenbr0 eth0.260
> 
> I lost my VLAN 260. And the same for 261. The network stop to ping and
> stop to work... Did you have any other tip?
> 
> Thanks
> 

What does it mean "you lost your vlan"? if you have assign an ip addres
to eth0.260 interface you will lost a communication when you add this
interface to the bridge.
Try to configure eth0.260 with no ip addr assigned, add this interface
to the bridge and assign ip address to the xenbr0 interface. You should
be able to ping your hosts in vlan260 from dom0.
I assume that you want to start new virtual machine and you want to
communicate with it from dom0 and vlan260, so you need to add this
iptables rules:

iptables -A FORWARD -m physdev --physdev-in tap+ -j ACCEPT
iptables -m physdev --physdev-out tap+ -j ACCEPT
iptables -m physdev --physdev-in eth0.260 -j ACCEPT
iptables -m physdev --physdev-out eth0.260 -j ACCEPT

- ------------------------------------------------------------------

My bridge configuration is:
mamut:~# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.001a4ba48746       no              vlan115
                                                        tap0
                                                        vif9.0
mamut:~# ip a
1: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:1a:4b:a4:87:46 brd ff:ff:ff:ff:ff:ff

132: vlan115@eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue
    link/ether 00:1a:4b:a4:87:46 brd ff:ff:ff:ff:ff:ff
133: br0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue
    link/ether 00:1a:4b:a4:87:46 brd ff:ff:ff:ff:ff:ff
    inet 10.100.250.230/24 brd 10.100.250.255 scope global br0
135: vif9.0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast
qlen 32
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
136: tap0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 500
    link/ether 12:7f:d7:e4:77:f5 brd ff:ff:ff:ff:ff:ff

mamut:~# iptables -L FORWARD -v -n
Chain FORWARD (policy DROP 1 packets, 40 bytes)
 pkts bytes target     prot opt in     out     source
destination
  236 32002 ACCEPT     0    --  *      *       0.0.0.0/0
0.0.0.0/0           PHYSDEV match --physdev-in tap+
 4113  358K ACCEPT     0    --  *      *       0.0.0.0/0
0.0.0.0/0           PHYSDEV match --physdev-out tap+
 4107  356K ACCEPT     0    --  *      *       0.0.0.0/0
0.0.0.0/0           PHYSDEV match --physdev-in vlan115
    0     0 ACCEPT     0    --  *      *       0.0.0.0/0
0.0.0.0/0           PHYSDEV match --physdev-out vlan115
    0     0 ACCEPT     0    --  *      *       0.0.0.0/0
0.0.0.0/0           PHYSDEV match --physdev-in vif9.0

So you can see that my interface vlan115 have no ip assigned. The br0
interface have an ip, co i can communicate with vlan115 through br0
interface. iptables rules makes the bridge forward all packages from
virtual interface tap0 and from vlan.

- --
Pozdrawiam Dariusz Malec
http://www.kos.wsiz.rzeszow.pl
http://www.kos.wsiz.rzeszow.pl/~dmalec
GG:1720216
JID:dmalec@xxxxxxxxxxxxxxxxxxxxxxxxxx

"PodwÅadny powinien przed obliczem przeÅoÅonego mieÄ wyglÄd lichy i
durnowaty, tak by swoim pojmowaniem istoty sprawy, nie peszyÄ przeÅoÅonego."
Ukaz Cara Rosji Piotra I z 9 grudnia 1708 roku

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHz62WjT0NFyejOD8RAgfSAJ4+OeYbh30C8RFI3VfKG8RmDDo15wCdFwNV
Vqpk3BU/Ijqy6gsBIAi7PRI=
=Z9Tv
-----END PGP SIGNATURE-----

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.