[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] DomU's unable to connect to vnet0 / bridge

perhaps you should configure the bridge as a trusted interface in firewall

Sree Harsha Totakura
Member, Open Source Platform - TEG
Tata Consultancy Services
Ph:- +91-22-67782038
Mailto: sreeharsha.totakura@xxxxxxx
Website: http://www.tcs.com
Experience certainty.   IT Services
                  Business Solutions

             Sent by:                                                   To 
             xen-users-bounces         xen-users@xxxxxxxxxxxxxxxxxxx       
             @lists.xensource.                                          cc 
                                       [Xen-users] DomU's unable to        
             06/16/2009 12:11          connect to vnet0 / bridge           

I'm trying to get some XEN VMs working on my CentOS 5.3 server.  The VM's
are installed and everything is working but for the network.  I believe my
problem is with the bridge.  I have two ethernet adapters.
eth0 - external NIC running routable IP
eth1 - internal NIC running 10.0.xxx.xxx network

The internal machines behind the server are all NAT'd to the eth1 which
has an ip of  I have a vanilla install of CentOS 5.3 with the
XEN bits.  Here is a list of the installed XEN and support packages:

[root@cerberus ~]# rpm -qa |grep -i xen

[root@cerberus scripts]# rpm -qa |grep -i libvirt

[root@cerberus init.d]# rpm -qa |grep -i dnsmasq

I'm running the 2.6.18-128.1.10.el5xen kernel:
[root@cerberus init.d]# uname -r

I only have one static routable IP address, and will be port forwarding on
the firewall (IPTables) to the VMs for the services the VMs will be
running.  My hope is to have the VMs running on 10.0.2.XXX but that's not
a requirement.  It seems that the CentOS distro is setup for
192.168.122.xxx so if that's needed, I'll deal with it.

Here is the route tables:
[root@cerberus ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface      *        U     0      0        0
eth0   *        U     0      0        0
vnet0     *          U     0      0        0
eth0        *            U     0      0        0
default         L408.AUSTTX-DSL         UG    0      0        0

I tried to change over the bridge by changing all the eth0 references in
the /etc/xen/scripts directory to use eth1:
[root@cerberus scripts]# grep eth1 *
vif-common.sh:  local nd=${netdev:-eth1}

but this isn't working.  :(  I have Dom1 and Dom2 up and running, and
setup as and but they are unable to ping or
connect to  Dom0 is able to see and connect to the vnet0:
[root@cerberus scripts]# ping -c2
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=64 time=0.127 ms
64 bytes from icmp_seq=2 ttl=64 time=0.108 ms

--- ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.108/0.117/0.127/0.014 ms

The last time I used these VMs was back when this was still a CentOS 5.0
(perhaps 5.1) box, but it seems that somewhere along the way the RPM
updates that brought it up to 5.3 did something and I'm unable to get
things working.  :(

I had some problems with named, dhcpd, dnsmasq, and libvirtd having some
conflicts such that dnsmasq wouldn't start due to the ports being used,
but I set named and dhcpd to only listen on eth0 and eth1, and dnsmasq to
only listen on vnet0, so all four services are functional (near as I can
tell) now.

I've tried setting the DomU's as static, no joy.  I've tried using the
dnsmasq dhcp, also to no avail.  I spent the weekend searching the
archives, googleing by brains out, and trying experiment after experiment,
to get one of my DomU's to connect to either or

Any assistance here would be GREATLY appreciated...  even if it were just
an example working configuration that allows a DomU to connect to an
internal private network on eth1.

Xen-users mailing list


Notice: The information contained in this e-mail
message and/or attachments to it may contain 
confidential or privileged information. If you are 
not the intended recipient, any dissemination, use, 
review, distribution, printing or copying of the 
information contained in this e-mail message 
and/or attachments to it are strictly prohibited. If 
you have received this communication in error, 
please notify us by reply e-mail or telephone and 
immediately and permanently delete the message 
and any attachments. Thank you

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.