
RE: [Xen-users] NET Network / Server running on internal Network not reachable



I don't know if this will help, as I'm a bit rusty, but try it:
echo 1 > /proc/sys/net/ipv4/ip_forward
I think 1 is enabled and 0 is disabled, but if I was wrong, then it would be
echo 0 above.  To check before changing it, try this:
cat /proc/sys/net/ipv4/ip_forward
The first provided command should be changing this number (if it's 0, use 1
& if it's 1, use 0).  If this is actually enabled already, then changing it
might make bridging stop working, so due diligence (research) might be in
order before following this wild guess advice.  Also, there is a way to
change this setting more permanently via a config file, but I don't remember
what it is.

-----Original Message-----
From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
[mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Robert M. Münch
Sent: Thursday, July 10, 2008 17:01
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] NET Network / Server running on internal Network
not reachable

On Tue, 08 Jul 2008 21:05:05 +0200, Robert M. Münch  
<robert.muench@xxxxxxxxxxxxxxx> wrote:

> Hi all, for several days I have been trying to get NAT networking to work, which is
> driving me nuts... I don't know what to do anymore. Maybe some expert
> has a good tip for me. I have read almost anything about this topic
> and tested most stuff, but still no luck.
>
> I want to run a web-server on a DomU. Hence I used the normal NAT setup
> from xen.
>
> Current setup & situation
>
> 1. Dom0 can access the internet
> 2. Dom0 can access the DomU
> 3. DomU (10.0.0.1) can access the internet
> 4. DomU can access Dom0
>
> What's not working is that I can't reach the web-server running on DomU.

Hi, answering my own posting, I have found out something I think is the
source of the problem:

> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
> DNAT       tcp  --  anywhere             eisxen              tcp dpt:www to:10.0.0.1:80

This rule should rewrite the incoming TCP packet with a new internal IP,
so that the normal routing then routes it to the VM running the web-server.

But TCPDUMP shows that the packet goes into PREROUTING and then into
FORWARD:

PREROUTING ENTER: IN=xenbr0 OUT= PHYSIN=peth0  
MAC=00:11:6b:94:d8:ea:00:18:74:84:8c:00:08:00 SRC=153.57.18.221  
DST=87.118.120.16 LEN=48 TOS=0x00 PREC=0x00 TTL=57 ID=54899 DF PROTO=TCP  
SPT=63149 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0

FORWARD ENTER: IN=xenbr0 OUT=xenbr0 PHYSIN=peth0 PHYSOUT=vif0.0  
SRC=153.57.18.221 DST=87.118.120.16 LEN=40 TOS=0x00 PREC=0x00 TTL=57  
ID=54898 DF PROTO=TCP SPT=37545 DPT=80 WINDOW=64240 RES=0x00 RST URGP=0

And DST=87.118.120.16 is my external static IP. I expected here  
DST=10.0.0.1

Then I have this error message: Performing cross-bridge DNAT requires IP
forwarding to be enabled

I have searched for this but didn't find anything useful. Routing is
enabled but I still think there are some problems. I'm not sure if this is
the source of the problem that the IP isn't rewritten.

Is this a known problem? Does anyone know a solution to this?

-- 
Robert M. Münch
http://www.robertmuench.de

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
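
Added example, not part of the thread or of Xen: a small parser for netfilter LOG lines like the two quoted above, which matches each PREROUTING entry to the FORWARD entry of the same packet (same SRC, PROTO, SPT and IP ID) and reports whether DST was rewritten. The first two sample lines are the ones from the message (re-joined); the third is constructed, and the function names are hypothetical.

```python
import re

# Lines 1-2: log lines quoted in the message above, joined onto one line each.
# Line 3: CONSTRUCTED for illustration (what a DNAT'ed packet would look like).
SAMPLE = [
    "PREROUTING ENTER: IN=xenbr0 OUT= PHYSIN=peth0 MAC=00:11:6b:94:d8:ea:00:18:74:84:8c:00:08:00 SRC=153.57.18.221 DST=87.118.120.16 LEN=48 TOS=0x00 PREC=0x00 TTL=57 ID=54899 DF PROTO=TCP SPT=63149 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0",
    "FORWARD ENTER: IN=xenbr0 OUT=xenbr0 PHYSIN=peth0 PHYSOUT=vif0.0 SRC=153.57.18.221 DST=87.118.120.16 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=54898 DF PROTO=TCP SPT=37545 DPT=80 WINDOW=64240 RES=0x00 RST URGP=0",
    "FORWARD ENTER: IN=xenbr0 OUT=xenbr0 PHYSIN=peth0 PHYSOUT=vif0.0 SRC=153.57.18.221 DST=10.0.0.1 LEN=48 TOS=0x00 PREC=0x00 TTL=56 ID=54899 DF PROTO=TCP SPT=63149 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0",
]

TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}

def parse_line(line):
    """Split one LOG line into its KEY=value fields, chain name and TCP flags."""
    prefix, _, rest = line.partition(": ")
    rec = dict(re.findall(r"(\w+)=(\S*)", rest))   # empty values (OUT=) are kept
    rec["chain"] = prefix.split()[0]                # log prefix starts with the chain
    rec["flags"] = sorted(TCP_FLAGS.intersection(rest.split()))
    return rec

def packet_key(rec):
    """Fields that DNAT does not change, used to recognise the same packet."""
    return (rec["SRC"], rec["PROTO"], rec["SPT"], rec["ID"])

def dnat_report(lines):
    """For every PREROUTING entry, say what happened to DST by FORWARD time."""
    recs = [parse_line(line) for line in lines]
    forward = {packet_key(r): r for r in recs if r["chain"] == "FORWARD"}
    report = []
    for rec in recs:
        if rec["chain"] != "PREROUTING":
            continue
        fwd = forward.get(packet_key(rec))
        if fwd is None:
            verdict = "no FORWARD entry for this packet"
        elif fwd["DST"] == rec["DST"]:
            verdict = "DST unchanged"
        else:
            verdict = "DST rewritten to " + fwd["DST"]
        report.append((packet_key(rec), verdict))
    return report

if __name__ == "__main__":
    for key, verdict in dnat_report(SAMPLE[:2]):    # only the lines from the thread
        print(key, "->", verdict)
```

Run on the two lines from the thread alone, the report is "no FORWARD entry for this packet": the FORWARD line is an RST with a different ID and SPT than the PREROUTING SYN, so the pair does not show the same packet before and after the DNAT rule.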
