[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] NAT networking in Xen

Hello,

I'm trying to set up the NAT network configuration for xen but I'm
having some issues.  I've have the correct lines commented and
uncommented in my xend-xonfig.xsd file:

#(network-script network-bridge)
#(vif-script vif-bridge)
#(network-script network-route)
#(vif-script     vif-route)
(network-script network-nat)
(vif-script     vif-nat)

My domain config file for my paravirtualized fedora 14 domain contains
the following text:

name="default"
description="None"
memory=512
maxmem=512
vcpus=1
on_poweroff="destroy"
on_reboot="restart"
on_crash="destroy"
localtime=0
keymap="en-us"
builder="linux"
bootloader="/usr/bin/pygrub"
bootargs=""
extra=" "
disk=[ 'file:/var/lib/xen/images/default.img,xvda,w', ]
vif=[ 'ip=10.0.0.2', ]
NETMASK = "255.0.0.0"
GATEWAY = "10.0.0.1"
vfb=['type=vnc,vncunused=1']

extra = "console=hvc0"

When i start the domain my iptables has the following entries:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state
RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:ssh
ACCEPT     udp  --  anywhere             anywhere            state NEW
udp dpt:ipp
ACCEPT     udp  --  anywhere             224.0.0.251         state NEW
udp dpt:mdns
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:ipp
ACCEPT     udp  --  anywhere             anywhere            state NEW
udp dpt:ipp
ACCEPT     udp  --  anywhere             anywhere            state NEW
udp dpt:snmp
REJECT     all  --  anywhere             anywhere            reject-with
icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            PHYSDEV
match --physdev-out vif1.0 --physdev-is-bridged
ACCEPT     udp  --  anywhere             anywhere            PHYSDEV
match --physdev-in vif1.0 --physdev-is-bridged udp spt:bootpc dpt:bootps
ACCEPT     all  --  anywhere             anywhere            PHYSDEV
match --physdev-out vif1.0 --physdev-is-bridged
ACCEPT     all  --  10.0.0.2             anywhere            PHYSDEV
match --physdev-in vif1.0 --physdev-is-bridged
REJECT     all  --  anywhere             anywhere            reject-with
icmp-host-prohibited

and my ifconfig looks like:

eth0      Link encap:Ethernet  HWaddr 00:0E:0C:6C:48:F5
          inet addr:192.168.222.77  Bcast:192.168.222.255
Mask:255.255.255.0
          inet6 addr: fe80::20e:cff:fe6c:48f5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6572 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4115 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:6549366 (6.2 MiB)  TX bytes:438666 (428.3 KiB)

eth1      Link encap:Ethernet  HWaddr 00:1C:C0:CB:B6:59
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Memory:e0400000-e0420000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:208 errors:0 dropped:0 overruns:0 frame:0
          TX packets:208 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:15880 (15.5 KiB)  TX bytes:15880 (15.5 KiB)

vif1.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9 errors:0 dropped:22 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:0 (0.0 b)  TX bytes:1542 (1.5 KiB)

I have configured the network settings in the domU to be the same as
specified in the domain config file.  When I try to ping the default
gateway from the domU I can see packts on the vif1.0 interface saying:

7       25.900903       Xensourc_34:7d:9b       Broadcast       ARP     Who has 
10.0.0.1?  Tell 10.0.0.2

Based on the iptables output, it seems like xen is still trying to used
a bridged network type configuration.  I should note that I have
restarted the xen daemon after making the changes to the xend-config.xsd
config file.  Are there some other settings I have to change in order to
use a NAT type configuration?  Thanks in advance.

- John





_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.