Re: [Xen-users] Dom0 domU bridge problem - virtualizing ISC DHCP server

[Jakub Kulesza <jakkul@xxxxxxxxx>]

Dear Alexande, I did as you told.

I've added following iptables rules to dom0/main router:

-t nat

-A FORWARD -s 192.168.0.0/24 -d 192.168.0.252/32 -i eth0 -p udp -m udp --dport 67 -j ACCEPT 

-A FORWARD -s 192.168.0.0/24 -d 192.168.0.252/32 -i eth0 -p udp -m udp --dport 68 -j ACCEPT 

-t filter

-A FORWARD -d 255.255.255.255/32 -i eth0 -p udp -m udp --dport 67 -j ACCEPT 

-A FORWARD -d 255.255.255.255/32 -i eth0 -p udp -m udp --dport 68 -j ACCEPT 

0.252 is the address of the DHCP server.

And it works... let's see how it works out.

THANKS

2013/7/22 Alexandre Kouznetsov <alk@xxxxxxxxxx>

Hello.

El 20/07/13 11:08, Jakub Kulesza escribió:

Where should I start looking? What might be the connectivity problem?

I would start running tcpdump within DomU and Dom0:
- Find out where the DHCPDICOVER reach, and where they not.
- What is missing, the DHCP requests or answers.
- If a multihomed host is involved, does the packets leaves on the right interface?
Does the DHCP server shows something in the log?

I had issues with UDP based services on DomU, specifically with TFTP server. Solved by disabling checksuming offload on the virtualized NIC "ethtool -K eth0 tx off". It ma be added to the corresponding entry in /etc/network/interfaces file as "post-up  ethtool -K eth0 tx off".

I do not recall having problems with DHCP server on a DomU, but it has been a while since I run dnsmasq almost everywhere, instead of ISC DHCPD.

Greetings.

--
Alexandre Kouznetsov


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users

--
Pozdrawiam
Jakub Kulesza

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users