[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] icmp problem on

To: Oliver Rojo <orojo@xxxxxxxxxxxx>
From: "Fajar A. Nugraha" <fajar@xxxxxxxxx>
Date: Tue, 16 Feb 2010 17:59:56 +0700
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 16 Feb 2010 03:01:36 -0800
List-id: Xen user discussion <xen-users.lists.xensource.com>

On Tue, Feb 16, 2010 at 5:50 PM, Oliver Rojo <orojo@xxxxxxxxxxxx> wrote:
> I can ping remote IP addresses but I couldn't ping domains such as google.com 
> unless I do clear my shorewall rules on dom0. I'm using bridging by the way.

So you're able to ping google's IP address directly?
If yes, sounds like shorewall is blocking DNS queries from domUs. You
need to allow that, as by default iptables will not only filter dom0's
traffic, but also bridged traffic from domUs.

An alternative would be to set
/proc/sys/net/bridge/bridge-nf-call-iptables to 0, which should make
iptables ignore bridged traffic.

-- 
Fajar

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

References:
- [Xen-users] icmp problem on
  - From: Oliver Rojo

Prev by Date: [Xen-users] icmp problem on
Next by Date: [Xen-users] problem with xen cloud installation on a shared storage
Previous by thread: [Xen-users] icmp problem on
Next by thread: Re: [Xen-users] icmp problem on
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.