[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] NET Network / Server running on internal Network not reachable

To: xen-users@xxxxxxxxxxxxxxxxxxx
From: Robert M. Münch <robert.muench@xxxxxxxxxxxxxxx>
Date: Thu, 10 Jul 2008 23:00:45 +0200
Delivery-date: Thu, 10 Jul 2008 14:01:21 -0700
List-id: Xen user discussion <xen-users.lists.xensource.com>

On Tue, 08 Jul 2008 21:05:05 +0200, Robert M. Münch<robert.muench@xxxxxxxxxxxxxxx> wrote:

Hi all, since several days I try to get NAT networking to work, which isdriving my nuts... I don't know what to do anymore. Maybe some experthave a good tip for me. I have ready almost anything about this topicand tested most stuff, but still no luck.
I want to run a web-server on a DomU. Hence I used the normal NAT setupfrom xen.
Current setup & situation

1. DomO can access the internet
2. Dom0 can access the DomU
3. DomU (10.0.0.1) can access the internet
4. DomU can access Dom0

What's not working is that I can't reach the web-server running on DomU.

Hi, answering to my own posting, I have found out something I think is thesource of the problem:

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT tcp -- anywhere eisxen tcp dpt:wwwto:10.0.0.1:80

This rule should rewrite the incoming TCP packet with a new internal IP,so that the normal routing than routes it to the VM running the web-server.

But TCPDUMP shows that the packet goes into PREROUTING and than intoFORWARD:

PREROUTING ENTER: IN=xenbr0 OUT= PHYSIN=peth0MAC=00:11:6b:94:d8:ea:00:18:74:84:8c:00:08:00 SRC=153.57.18.221DST=87.118.120.16 LEN=48 TOS=0x00 PREC=0x00 TTL=57 ID=54899 DF PROTO=TCPSPT=63149 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0

FORWARD ENTER: IN=xenbr0 OUT=xenbr0 PHYSIN=peth0 PHYSOUT=vif0.0SRC=153.57.18.221 DST=87.118.120.16 LEN=40 TOS=0x00 PREC=0x00 TTL=57ID=54898 DF PROTO=TCP SPT=37545 DPT=80 WINDOW=64240 RES=0x00 RST URGP=0

And DST=87.118.120.16 is my external static IP. I expected hereDST=10.0.0.1

Than I have this error message: Performing cross-bridge DNAT requires IPforwarding to be enabled

I have searched for this but didn't found anything useful. Routing isenabled but I still think there are some problems. I'm not sure if this isthe source of the problem that the IP isn't rewritten.


Is this a known problem? Does anyone know a solution to this?

--
Robert M. Münch
http://www.robertmuench.de

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

Follow-Ups:
- RE: [Xen-users] NET Network / Server running on internal Network not reachable
  - From: Dustin Henning

References:
- [Xen-users] NET Network / Server running on internal Network not reachable
  - From: Robert M. Münch

Prev by Date: Re: [Xen-users] Freebsd (still) not booting in Xen HVM?
Next by Date: [Xen-users] Xen guests clock is exactly 2 hours before dom0 time
Previous by thread: Re: [Xen-users] NET Network / Server running on internal Network not reachable
Next by thread: RE: [Xen-users] NET Network / Server running on internal Network not reachable
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.