[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] domU networking problem


  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: Christian Herrler <christian.herrler@xxxxxxxxxxxxxx>
  • Date: Thu, 18 Nov 2010 19:22:38 +0100
  • Delivery-date: Thu, 18 Nov 2010 10:24:06 -0800
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=X4G9CxXos00fSO+DUHV81igbIJBXKY/6F08JwYNXLUUxb13sxv1Jl0wuz9ut0zU5lw CKT20uHhOQuhE//A+O88lo1ZnWEVjWhyVj531/8NfZiprfvTGQI4kr5XY0ejP2D3WDOE i++MALasYhTCjZxJJbOz8hFbCD+fMXVw56kJE=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

Hello,

I have a xen server (xen-3.0-x86_32p hvm-3.0-x86_32 hvm-3.0-x86_32p /
kernel 2.6.24-28-xen).

I have some domUs, one of them is a fli4l router, the others are
eisfair domUs (fileserver, webserver and mailserver). All of the domUs
are connected via vif network interface with a bridge in dom0.

There is a problem invoking following command in every domU:

openssl s_client -connect pop.googlemail.com:995 -showcerts

After some minutes the command stops with an ssl handshake error. In a
tcpdump I can see, that after SSLv2 Client Hello only TCP
retransmissions are sent by the domU. There is no answer from the
server. The TCP handshake with the server is ok, the TCP finish too.

If I call the same command in dom0, everything works, after SSLv2
Client Hello the server answers with SSLv2 Server Hello and so on.
Finally the requested certificate is shown.

I think there is no problem with the fli4l router because dom0 has
unlimited access. The problem could be the vif network interfaces in
my opinion.

All of the domUs have access to the internet via port 80, e.g. get a
file using wget.

Can you tell me, what the problem is?

Regards
Christian

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.