WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Xen
Home Products Support Community News

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
<prev [Thread] next>

[Xen-devel] strange networking issue in xen DomU

from [Sarika Ray] [Permanent Link][Original]
To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] strange networking issue in xen DomU
From: "Sarika Ray" <ray.sarika@xxxxxxxxx>
Date: Wed, 3 Dec 2008 21:56:26 -0500
Delivery-date: 2008年12月03日 18:56:56 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type:references; bh=877P3TXbVR7j7xrX4JRjDxsfb4Pui53WqerLKCKYD/8=; b=CcBT0hAAZu2nWAd3/LY4t9/JuYoDUf3giI2PqooKo+vqLBLQToRu4gpvYzebBRYhr0 q0o2zxYnwjB76svpiAr56lzcCuMj3xzLRQTqJTafMThR4SXi/YsmeUS+ivT7x6flHUCD JCOiJvuSZ4XGfGVG6GLyvw+GFJXMs27gbjvLU=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:references; b=wVpNdxfsaOtjCwkN7ASQ5wzOoaPJ8QFkkQImtvTI/VV0Alv6wYRuxnyiKBXriq7pX1 rni1xchoAJDoykQfFVyfj/zBpoTcbB5eSP1JKf4MAuhLE6wHNEVnJPyEAmTblH4F0EGm 6H/nsO8kPX8+DOeuGryEKLarEt2xPydatfwns=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <9f642e900812022218s3044469bx46e83cecdfcb5c58@xxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <9f642e900812022218s3044469bx46e83cecdfcb5c58@xxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
I had sent the following mail to the xen-users list. But did not get any reply there. So posting here. Please help



I have a xen 3.2.0 setup with 2.6.18. XenoLinux kernel and FC8 Dom0 file system. I have used xen-tools to create a Debian-Etch DomU. I use a static (public) IP for my DomU and have used default bridging for network setup.

With the default setup I was not able to ping to any other host except Dom0. I guess that was due to forward chaining issue with my Dom0. But then I modified my iptables configuration in Dom0 to comment out the forwarding rule that was rejecting everything. So now I am being able to ping to all the hosts in the same L3 subnet as my DomU but not not anything other than that.

So could any please tell me what I am doing wrong? I am including some details below. Let me know if I am missing to provide some necessary information.

Initially I thought it might be some DNS issue. But even after modifying the /etc/resolv.conf in DomU I am getting same error.

**********
my DomU config file is as follows:
#
# Configuration file for the Xen instance dmvirt1.xxx, created
# by xen-tools 3.9 on Tue Dec 2 17:51:45 2008.
#

#
# Kernel + memory size
#
kernel = '/boot/vmlinuz-2.6.18.8-xen'
ramdisk = '/boot/initrd-2.6.18.8-xen.img'
memory = '128'

#
# Disk device(s).
#
root = '/dev/sda2 ro'
disk = [
'phy:/dev/DomUVols/dmvirt1.xxx-swap,sda1,w',
'phy:/dev/DomUVols/dmvirt1.xxx-disk,sda2,w',
]


#
# Hostname
#
name = 'dmvirt1.xxxx'

#
# Networking
#
vif = [ 'ip=143.215.129.1xx,mac=00:16:3E:88:22:AA' ]

vfb = ['type=vnc']
#
# Behaviour
#
>on_reboot = 'restart'
on_crash = 'restart'

extra = "xencons=xvc console=xvc console=tty"
*******************

*****************
Some other DomU Details

dmvirt1:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:3E:88:22:AA
inet addr:143.215.129.157 Bcast:143.215.129.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe88:22aa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1206 errors:0 dropped:0 overruns:0 frame:0
TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:114259 (111.5 KiB) TX bytes:10024 (9.7 KiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)


dmvirt1:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
143.215.129.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0


dmvirt1:/etc# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 143.215.129.1xx
gateway 143.215.129.1
netmask 255.255.255.0
broadcast ${broadcast}

# post-up ethtool -K eth0 tx off

#
# The commented out line above will disable TCP checksumming which
# might resolve problems for some users. It is disabled by default
#





dmvirt1:~# ping www.yahoo.com
ping: unknown host www.yahoo.com
dmvirt1:~# ping 69.147.76.15
connect: Network is unreachable



*******************
Dom0 Details

[root@kahn dev]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- dmvirt1 anywhere PHYSDEV match --physdev-in vif17.0
ACCEPT udp -- anywhere anywhere PHYSDEV match --physdev-in vif17.0 udp spt:bootpc dpt:bootps

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:nfs
ACCEPT udp -- anywhere anywhere state NEW udp dpt:nfs
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:domain
ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:sunrpc
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:telnet
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:cvspserver
ACCEPT tcp -- anywhere anywhere state NEW tcp dpts:terabase:pxc-splr-ft
ACCEPT udp -- anywhere anywhere state NEW udp dpts:terabase:pxc-splr-ft
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:teradataordbms
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited


[root@kahn dev]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:1A:A0:1B:88:E1
inet addr:143.215.129.2xx Bcast:143.215.129.255 Mask:255.255.255.0
inet6 addr: fe80::21a:a0ff:fe1b:88e1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:506521 errors:0 dropped:0 overruns:0 frame:0
TX packets:165558 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:423458331 (403.8 MiB) TX bytes:11964484 (11.4 MiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:235929 errors:0 dropped:0 overruns:0 frame:0
TX packets:235929 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:36772495 (35.0 MiB) TX bytes:36772495 (35.0 MiB)

peth0 Link encap:Ethernet HWaddr 00:1A:A0:1B:88:E1
inet6 addr: fe80::21a:a0ff:fe1b:88e1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:553720 errors:0 dropped:0 overruns:0 frame:0
TX packets:162980 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:434130358 (414.0 MiB) TX bytes:13050967 (12.4 MiB)
Interrupt:20

vif17.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:361 errors:0 dropped:0 overruns:0 frame:0
TX packets:4092 errors:0 dropped:5 overruns:0 carrier:0
collisions:0 txqueuelen:32
RX bytes:43052 (42.0 KiB) TX bytes:393229 (384.0 KiB)


[root@kahn dev]# brctl show
bridge name bridge id STP enabled interfaces
eth0 8000.001aa01b88e1 no peth0
vif17.0



******************

Thanks in advance for all help.
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] strange networking issue in xen DomU, Sarika Ray <=
Previous by Date: RE: [Xen-devel] [Question] How to support page offline in Xen environment , Jiang, Yunhong
Next by Date: Re: [Xen-devel] [PATCH][IOEMU] fix invisibility of PCI Option ROM , Yuji Shimada
Previous by Thread: [Xen-devel] [PATCH] Fix MMIO UARTs , Alex Williamson
Next by Thread: Re: [Xen-devel] [PATCH][IOEMU] fix invisibility of PCI Option ROM , Yuji Shimada
Indexes: [Date] [Thread] [Top] [All Lists]

Copyright ©, Citrix Systems Inc. All rights reserved. Legal and Privacy
Citrix This site is hosted by Citrix

AltStyle によって変換されたページ (->オリジナル) /