[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Xen host guest bridging transparency issue



On 15/04/16 07:44, russo@xxxxxxxxxxxxxxxxxxx wrote:

It has been a while sense I have been on a mailing list, so don't shoot me if I am annoying. Lol

I have a XEN server with a web server guest server.
 When people click on a web page, the apache logs show the IP of the bridge, not the persons IP who clicked on the page. The bridge should be transparent (and is on my older Debian XEN configuration) I have a pretty straight-forward set up on the latest Ubuntu server 15.10 , or at least I think I do. Any ideas why my guest web server logs are not seeing the users IP? What would be the typical cause?

Thanks for any help!


 Pretty much the default set up under xend-config.sxp

(network-script network-bridge)
(vif-script vif-bridge)

Host Interface:

# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo xenbr0 xenbr1
iface lo inet loopback

# The primary network interface

iface xenbr0 inet static

bridge_ports p6p1
address 74.xxx.xxx.5
netmask 255.255.255.240
gateway 74.xxx.xxx.14
bridge_stp off
dns-nameservers 68.xxx.xxx.146 68.xxx.xxx.98

iface xenbr1 inet static
bridge_ports eth1
bridge_stp off

address 192.168.1.1
netmask 255.255.255.0

post-up ethtool --offload p6p1 gso off tso off sg off gro off
post-up ethtool --offload eth1 gso off tso off sg off gro off

brctl show:

bridge name bridge id STP enabled interfaces
xenbr0 8000.00a0244d1fbe no p6p1
vif2.0
vif7.0
vif8.0
xenbr1 8000.feffffffffff no vif1.0
vif2.1
vif7.1
vif8.1
vif9.0


What is your domU config file look like?

What is the interface config inside the domU?

Also, what iptables rules do you have on the dom0?

What interface is p6p1 ? Seems to be a strange name for a network interface, these are normally eth0 or similar by default...

You could also try to do a tcpdump on the dom0 (on the bridge, the physical port, and the vif) and within the domU and see what is going on.....

Hope this helps you to pinpoint the problem. My guess, the dom0 is doing NAT on the incoming traffic, and sending it over xenbr1 or something like that...

Regards,
Adam

--
Adam Goryachev Website Managers www.websitemanagers.com.au
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.