[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Xen Networking problem!
Hi Todd, Thanks for your reply.You'll find right down all informations about my settings (including iptables running on the Dom0) DomU1 = fwb uuid = "f990d210-2a76-6fa9-5130-b80a207baa89" vif = [ "mac=00:16:3e:1c:0f:0b,bridge=xenbr0" ] DomU2= virt-geko uuid = "bd4497d9-6613-f595-fae1-4bf8bc4aea33" vif = [ "mac=00:16:3e:16:ee:d4,bridge=xenbr0" ]results of the ifconfig command. I can't undrestand why HWaddr eth0 is different from HWaddr peth0. Do you understand why ? eth0 Link encap:Ethernet HWaddr 00:21:85:32:CA:8E inet adr:172.20.25.2 Bcast:172.20.25.255 Masque:255.255.255.0 adr inet6: fe80::221:85ff:fe32:ca8e/64 Scope:Lien UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:6164 errors:0 dropped:0 overruns:0 frame:0 TX packets:1491 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:512499 (500.4 KiB) TX bytes:204595 (199.7 KiB) lo Link encap:Boucle locale inet adr:127.0.0.1 Masque:255.0.0.0 adr inet6: ::1/128 Scope:Hôte UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:8 errors:0 dropped:0 overruns:0 frame:0 TX packets:8 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:560 (560.0 b) TX bytes:560 (560.0 b) peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF adr inet6: fe80::fcff:ffff:feff:ffff/64 Scope:Lien UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:11222 errors:0 dropped:0 overruns:0 frame:0 TX packets:1738 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:100 RX bytes:1115603 (1.0 MiB) TX bytes:237120 (231.5 KiB) Mémoire:de340000-de360000 vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF adr inet6: fe80::fcff:ffff:feff:ffff/64 Scope:Lien UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:1497 errors:0 dropped:0 overruns:0 frame:0 TX packets:6167 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:206963 (202.1 KiB) TX bytes:512679 (500.6 KiB) vif1.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF adr inet6: fe80::fcff:ffff:feff:ffff/64 Scope:Lien UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:3 errors:0 dropped:0 overruns:0 frame:0 TX packets:4314 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:32 RX bytes:84 (84.0 b) TX bytes:338534 (330.5 KiB) vif2.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF adr inet6: fe80::fcff:ffff:feff:ffff/64 Scope:Lien UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:202 errors:0 dropped:0 overruns:0 frame:0 TX packets:4442 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:32 RX bytes:20039 (19.5 KiB) TX bytes:358895 (350.4 KiB) virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00inet adr:192.168.122.1 Bcast:192.168.122.255 Masque:255.255.255.0 adr inet6: fe80::200:ff:fe00:0/64 Scope:Lien UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:31 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:0 (0.0 b) TX bytes:6837 (6.6 KiB) xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:4317 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:286208 (279.5 KiB) TX bytes:0 (0.0 b) [root@virts xen]# brctl show xenbr0 bridge name bridge id STP enabled interfaces virbr0 8000.000000000000 yes xenbr0 8000.feffffffffff no vif2.0 vif1.0 peth0 vif0.0 [root@virts xen]# brctl showmacs xenbr0 port no mac addr is local? ageing timer 2 00:00:85:83:0d:1f no 187.77 2 00:14:38:dd:b6:6c no 246.89 2 00:14:38:df:a9:25 no 7.46 2 00:15:17:11:d0:60 no 11.49 2 00:15:17:12:11:24 no 22.58 4 00:16:3e:16:ee:d4 no 22.58 2 00:18:8b:08:62:44 no 60.58 2 00:18:8b:08:80:9c no 91.25 2 00:18:8b:08:84:4f no 16.63 2 00:18:8b:08:85:3b no 65.18 2 00:18:8b:08:85:7b no 137.78 2 00:18:8b:08:85:ae no 7.96 2 00:18:8b:08:86:27 no 24.48 2 00:18:8b:08:8c:a9 no 135.02 2 00:18:8b:08:8c:ed no 35.36 2 00:18:8b:25:9e:f8 no 121.48 2 00:18:8b:27:b3:9a no 238.33 2 00:18:8b:27:d5:38 no 97.22 2 00:18:8b:27:e4:1d no 75.80 2 00:18:fe:9e:0a:6c no 7.48 2 00:19:30:6f:ca:8f no 1.18 2 00:19:b9:67:8a:8f no 0.00 2 00:1a:a0:ae:54:25 no 10.45 2 00:1a:e2:ca:5f:00 no 25.44 2 00:1a:e3:4d:1b:0a no 0.26 2 00:1a:e3:4d:1b:43 no 70.06 2 00:1b:2a:20:2b:d1 no 296.46 2 00:1b:2a:20:6b:3c no 179.91 2 00:1b:2a:20:b2:24 no 249.45 2 00:1b:2a:20:b2:2a no 277.33 2 00:1b:2a:89:95:50 no 269.97 2 00:1b:2a:89:95:68 no 27.25 2 00:1b:2a:89:ab:d0 no 297.39 2 00:1b:2a:89:ac:6b no 240.17 2 00:1b:2a:89:e4:f3 no 72.68 2 00:1b:53:39:b3:00 no 26.38 2 00:1c:ee:04:ef:4c no 50.50 2 00:1e:f7:c4:b7:65 no 285.87 1 00:21:85:32:ca:8e no 0.00 2 08:00:1f:82:7d:a3 no 75.80 1 fe:ff:ff:ff:ff:ff yes 0.00 [root@virts xen]# brctl showmacs virbr0 port no mac addr is local? ageing timer Here are the Dom0's iptables : Table filter Chain INPUT (policy ACCEPT 0 packets, 0 bytes)num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 2 0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 3 0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67 4 0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67 5 0 0 RH-Firewall-1-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT all -- * virbr0 0.0.0.0/0 192.168.122.0/24 state RELATED,ESTABLISHED 2 0 0 ACCEPT all -- virbr0 * 192.168.122.0/24 0.0.0.0/0 3 0 0 ACCEPT all -- virbr0 virbr0 0.0.0.0/0 0.0.0.0/0 4 0 0 REJECT all -- * virbr0 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 5 0 0 REJECT all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 6 0 0 RH-Firewall-1-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 7 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vif1.0 8 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vif2.0 Chain OUTPUT (policy ACCEPT 1459 packets, 178K bytes)num pkts bytes target prot opt in out source destination Chain RH-Firewall-1-INPUT (2 references)num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 2 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 255 3 0 0 ACCEPT esp -- * * 0.0.0.0/0 0.0.0.0/0 4 0 0 ACCEPT ah -- * * 0.0.0.0/0 0.0.0.0/0 5 0 0 ACCEPT udp -- * * 0.0.0.0/0 224.0.0.251 udp dpt:5353 6 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:631 7 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:631 8 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 9 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 10 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Table nat Chain PREROUTING (policy ACCEPT 859 packets, 100K bytes)num pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 3 packets, 357 bytes)num pkts bytes target prot opt in out source destination 1 0 0 MASQUERADE all -- * * 192.168.122.0/24 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 3 packets, 357 bytes)num pkts bytes target prot opt in out source destination ~ Regards, Todd Deshane a écrit : On Fri, Aug 1, 2008 at 4:32 AM, Stéphane Cesbron <Stephane.Cesbron@xxxxxxxxx> wrote:Hi, I 've got a CentOS 5.2 server running xen 3.0 with 2 DomUs also running CentOS 5.2. All my boxes are up-to date. I'm experiencing trouble with networking. Dom0 can reach the outside world when no DomU are started. It can also reach the outside world when only one DomU is running. The troubles begin when I start the second DomU. At first, this new DomU, called DomU2, can't get outside. (at the time Dom0 and DomU1 are still reachable from outside). Once I get connected to DomU2 (console mode, xm console DomU2) and try to get outside, I'll get through after a small amout of time. Nevertheless, this causes Dom0 to stop being reachable from the outside. Therefore when my two DomUs are running, there are running fine and I can reach them with SSH but Dom0 becomes unreachable. After sometimes it changes Dom0 becomes reachable again and one of the 2 DomUs becomes unreachable from the outside. It is completely random but there's still one of the Doms which is unreachable. It depends on the one I'm connected to ! BUT being connected to the console on the server, I can reach each DomU (DomU1 and DomU2) from Dom0 or reach Dom0 from each DomUs (DomU1 and DomU2) I help myself with some tutorials but can't get through my difficulties. http://wiki.xensource.com/xenwiki/XenNetworking http://doc.fedora-fr.org/wiki/Xen_et_le_réseau http://www.shorewall.net/XenMyWay.html => Xen and the Art of Consolidation Nevertheless, I can't get through my troubles. Here's the result of the ifconfig command when everything is started : DomUs + Dom0 eth0 Link encap:Ethernet HWaddr 00:21:85:32:CA:8E inet adr:172.20.25.2 Bcast:172.20.25.255 Masque:255.255.255.0 adr inet6: fe80::221:85ff:fe32:ca8e/64 Scope:Lien UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:88446 errors:0 dropped:0 overruns:0 frame:0 TX packets:2906 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:6888620 (6.5 MiB) TX bytes:189520 (185.0 KiB) lo Link encap:Boucle locale inet adr:127.0.0.1 Masque:255.0.0.0 adr inet6: ::1/128 Scope:Hôte UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:34 errors:0 dropped:0 overruns:0 frame:0 TX packets:34 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:7010 (6.8 KiB) TX bytes:7010 (6.8 KiB) peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF adr inet6: fe80::fcff:ffff:feff:ffff/64 Scope:Lien UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:25871448 errors:0 dropped:0 overruns:0 frame:0 TX packets:5396663 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:100 RX bytes:31027675382 (28.8 GiB) TX bytes:434789497 (414.6 MiB) MÃ(c)moire:de340000-de360000 vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF adr inet6: fe80::fcff:ffff:feff:ffff/64 Scope:Lien UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:2906 errors:0 dropped:0 overruns:0 frame:0 TX packets:88446 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:189520 (185.0 KiB) TX bytes:6888620 (6.5 MiB) vif1.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF adr inet6: fe80::fcff:ffff:feff:ffff/64 Scope:Lien UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:1886 errors:0 dropped:0 overruns:0 frame:0 TX packets:86964 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:32 RX bytes:127848 (124.8 KiB) TX bytes:6453003 (6.1 MiB) vif2.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF adr inet6: fe80::fcff:ffff:feff:ffff/64 Scope:Lien UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:5389130 errors:0 dropped:0 overruns:0 frame:0 TX packets:10150353 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:32 RX bytes:358810111 (342.1 MiB) TX bytes:15229333872 (14.1 GiB) virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 inet adr:192.168.122.1 Bcast:192.168.122.255 Masque:255.255.255.0 adr inet6: fe80::200:ff:fe00:0/64 Scope:Lien UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:44 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:0 (0.0 b) TX bytes:8758 (8.5 KiB) xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:84790 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:4982000 (4.7 MiB) TX bytes:0 (0.0 b) I can't understand why the MAC addresses of peth0 is different from the one of eth0. vibr0 seems to be useless. These should be the same, shouldn't they ? peth0's MAC address and xenbr0's MAC address are the same which seems logical to me. Am I wrong ? Can anyone help ? Any suggestions will be greatly appreciated.What is the output of: brctl show ip route list with 0, 1 and 2 domUs running? The networking parts of xend-config.sxp and the vif lines in your domUs might be useful. Cheers. ToddKind regards, -- Stéphane Cesbron Responsable Régional Informatique, INSERM ADR Grand-Ouest, BRETAGNE, PAYS DE LA LOIRE et CENTRE 63, quai Magellan 3ème étage - Hall B B.P. 32116 44021 Nantes cedex 1 Email : stephane.cesbron@xxxxxxxxx Tél : 02.40.20.92.28 Portable : 06.78.68.76.39 ----------------------------------------------------------------- Ce message et toutes les pieces jointes sont etablis a l'intention exclusive de ses destinataires et peuvent etre confidentiels ou proteges. L'internet ne permettant pas d'assurer l'integrite de ce message, l'INSERM decline toute responsabilite au titre de ce message, dans l'hypothese ou il aurait ete modifie. Toute utilisation de ce message non conforme a sa destination, toute diffusion ou toute publication, totale ou partielle, est interdite, sauf autorisation expresse. Si vous recevez ce message par erreur, merci de le detruire et d'en avertir immediatement l'expediteur. Merci. The information transmitted is intended exclusively for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any disclosure, copying, distribution or other action based upon the information by persons or entities other than the intended recipient is prohibited. If you receive this information in error, please contact the sender and delete the material from any and all computers. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users -- Stéphane Cesbron Responsable Régional Informatique, INSERM ADR Grand-Ouest, BRETAGNE, PAYS DE LA LOIRE et CENTRE 63, quai Magellan 3ème étage - Hall B B.P. 32116 44021 Nantes cedex 1 Email : stephane.cesbron@xxxxxxxxx Tél : 02.40.20.92.28 Portable : 06.78.68.76.39 ----------------------------------------------------------------- Ce message et toutes les pieces jointes sont etablis a l'intention exclusive de ses destinataires et peuvent etre confidentiels ou proteges. L'internet ne permettant pas d'assurer l'integrite de ce message, l'INSERM decline toute responsabilite au titre de ce message, dans l'hypothese ou il aurait ete modifie. Toute utilisation de ce message non conforme a sa destination, toute diffusion ou toute publication, totale ou partielle, est interdite, sauf autorisation expresse. Si vous recevez ce message par erreur, merci de le detruire et d'en avertir immediatement l'expediteur. Merci. The information transmitted is intended exclusively for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any disclosure, copying, distribution or other action based upon the information by persons or entities other than the intended recipient is prohibited. If you receive this information in error, please contact the sender and delete the material from any and all computers. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |