[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] Re: CentOS 5.2, xen-3.3, network/firewall setup

Meng Kuan wrote:

On Oct 22, 2008, at 8:17 PM, Robin Bowes wrote:
I have CentOS 5.2 Dom0, which was running xen-3.1.2 which I rebuilt from Fedora RPMS. All DomUs worked fine (CentOS PV installs).

I recently upgraded to xen-3.3 (from the gitco repo - nice job!) and I've found that guest networking is working the same. Specifically, the Dom0 firewall is blocking traffic to/from the DomUs.

If I turn off iptables on the dom0, the guest networking works OK.

Try the following tip from http://wiki.libvirt.org/page/Networking

Alternatively, you can prevent bridged traffic getting pushed through the host's iptables rules. In /etc/sysctl.conf add

# cat >> /etc/sysctl.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
# sysctl -p /etc/sysctl.conf


I'm doing a new install so I can see what the "out-of-the-box" settings are, and take it from there.



Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.