[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Routed Network with Xen

On Sat, Feb 11, 2012 at 10:33 PM, Felix Kuperjans <felix@xxxxxxxxxxxxxxxxxx> wrote:
I think your mails were delayed for some reason... the mail I answered reached me yesterday...

See some comments inline.

Am 11.02.2012 07:13, schrieb Rakesh Chawda:
Thanks Felix for the reply, this is the first one that I actually got on this list.

I have completed the setup using NAT. The only problem that I had faced, was DomU firewall.
Quite common problem^^ it's always better to do first tests with a domU without any firewall.


The answers are inline... hope it may others...


On Fri, Feb 10, 2012 at 6:55 PM, Felix Kuperjans <felix@xxxxxxxxxxxxxxxxxx> wrote:
Hello,

answers inline.

Am 07.02.2012 14:43, schrieb DN Singh:
Hello Guys,

Hasn't anyone done any routed network on Xen?? Please reply.
I always use routed setups, but mostly with custom vif scripts for iptables setup.

I did do some customisation, as mentioned in one of the many blogs that I had referred. The changes were made in "/etc/xen/scripts/vif-common.sh", where I changed the ip_of function as described below:
------------------------------
function ip_of()
{
#Â ip addr show "$1" | awk "/^.*inet.*$1\$/{print \$2}" | sed -n '1 s,/.*,,p'
ÂÂÂÂÂÂÂÂÂ ip -4 -o addr show primary dev $1 | awk '$3 == "inet" {print $4; exit}' | sed 's#/.*##'
}
------------------------------
I think, hacks in this file shouldn't be necessary for newer Xen versions, but may be fine with this old one...

Â

On Sun, Feb 5, 2012 at 9:05 PM, DN Singh <dnsingh.dns@xxxxxxxxx> wrote:
Hello List,

I am trying to configure a setup where the IPs have to bound to the dom0, and then via internal network, these can be used on the domUs. This is a requirement, as the IPs can be configured only on the Dom0 due to their static configuration.
If you say internal network, does this include internal ip addresses? If so, you would not only need routing, but also NAT, esp. if the Dom0 will get all ip addresses assigned.

Yes, I had to do NAT, as Dom0 got all the IP addresses, and DomUs have internal IPs like 192.168.1.2,3,4...

I faced one silly problem here, as the Nat was fine, but DomU firewall was blocking the incoming requests. I had overlooked this fact, which led to 4 days of futile research, as I myself figured it out.

Anyone doing such setup, please keep DomU firewall in mind.
Â
I have configured the routed config, and installed the VMs using virt-install. The problem is that the VMs aren't accessible via static IP.
The OS is CentOS 5.7, and Xen is 3.0, the one that comes with the repositories.
Additional information is needed here:
* What are the ip addresses and routes on the Dom0 and the DomU when both are running? (Use `ip addr show` and `ip route show` to list them -- iproute2 utilities needed, but should already be installed)
* Is there any network filtering or NAT involved?


I've cleared these questions, in above answer.

I have changed the network scripts in xend-config.sxp and the kernel parameters as per this URL:Âhttp://www.devco.net/archives/2007/10/18/xen_bridging_and_hetzner.php

The link states that I have to configure the IPs in Dom0, and they will get automatically allocated to the VMs, which is not happening.

I also tried to configure the IP in vm config file by adding vif = [ 'ip=<IP>' ]
Usually this would be required, but highly depends on your actual setup and/or vif script.

I have skipped this part, as I am not assigning these IPs to DomU. Does this method work??
If it works, you do not seem to need it. However, the default scripts sometimes require this (don't know about the requirements of each Xen version).


Please help.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
It would also be helpful if you explain in detail, how your final networking setup should look like.

Regards,
Felix

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

If anyone has suggestions, please do reply.

Thanks and Regards,
Rakesh Chawda
One question / suggestion:

Why do you want to use NAT for every traffic on all ip addresses? esp. if you got multiple, I don't see the point in wasting CPU/Memory resources for NAT (besides some other ugly side effects that may happen with NAT).
Â
This is why I had asked for suggestions. This is my first setup, hence, I was following different blogs. Please suggest better options.

Also, I have hit a new issue. Inspite of the NAT setup, the outgoing IP of all the DomUs can be seen as the main Dom0 IP, and not the individual IPs assigned to the domUs.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.