Hi I was experimenting with Xen(-2.0) on NetBSD last summer and I have been trying it on Debian GNU/Linux recently. I was surprised to see that my guest OS had no Internet connectivity. I took the Xen documentation, but did not find any clue: the doc basically tells ``everything should work out of the box''. I spoke about that with a friend who had already used Xen under Debian and he told me I had to change /etc/xen/xend-config.sxp to use the bridge network script.> --- xend-config.sxp.orig 2007-06-07 18:35:41.000000000 +0200 > +++ xend-config.sxp 2007-03-30 18:39:53.000000000 +0200 > @@ -83,7 +83,8 @@ > # two fake interfaces per guest domain. To do things like this, write > # yourself a wrapper script, and call network-bridge from it, as appropriate. > # > -(network-script network-dummy) > +(network-script network-bridge) > > # The script used to control virtual interfaces. This can be overridden on a > # per-vif basis when creating a domain or a configuring a new vif. TheThis config file is well-commented and reading it carefully leads you to change this according to your situation... But when you have already used this tool, and it did what you wanted without tweaking anything, you expect to have the same behaviour after installing... Another reason I did not search why the network was failing in this file is that it begins like this:> # This example configuration is appropriate for an installation that > # utilizes a bridged network configuration. Access to xend via http > # is disabled.Remembering that the following was by default a bridge creation and a few other things I did not change when installing on NetBSD, I did not read this configuration file further. This experience report is to ask a question: is this ``network-dummy'' something desired or just a bug in the configuration file shipped with the Debian package? I use different operating systems and am therefore often confronted to rearranged package files (for LFH compliance). But I do not remember having ever installed a software package under Debian that did not work like the ``official'' package shipped by the developer (I mean installing from source). This make me think it is a bug. On an other hand, it can be considered as a ``security risk'' and therefore disabled by default. Such a reason looks inconsistent to my eyes since other software packages (ie. ssh) have some options disabled by default (in the official source code) that are enabled by default (in the corresponding Debian package, ie AllowRootLogin). I just would like to understand what is happening there :) Regards, Romain -- Romain Tartiere <romain.tartiere at healthgrid.org> HealthGrid SysAdmin pgp: 3BB8 9543 B4F2 3EFA 7478 0BA0 0F8D DB2D B9E4 7019 (ID: 0xB9E47019) (plain text =non-HTML= PGP/GPG encrypted/signed e-mail much appreciated) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.alioth.debian.org/pipermail/pkg-xen-devel/attachments/20070607/f6e5d6d0/attachment.pgp
On Thu, Jun 07, 2007 at 07:13:31PM +0200, Romain Tartiere wrote:> I spoke about that with a friend who had already used Xen under Debian > and he told me I had to change /etc/xen/xend-config.sxp to use the > bridge network script. > > > --- xend-config.sxp.orig 2007-06-07 18:35:41.000000000 +0200 > > +++ xend-config.sxp 2007-03-30 18:39:53.000000000 +0200 > > @@ -83,7 +83,8 @@ > > # two fake interfaces per guest domain. To do things like this, write > > # yourself a wrapper script, and call network-bridge from it, as appropriate. > > # > > -(network-script network-dummy) > > +(network-script network-bridge) > > > > # The script used to control virtual interfaces. This can be overridden on a > > # per-vif basis when creating a domain or a configuring a new vif. The[snip]> This experience report is to ask a question: is this ``network-dummy'' > something desired or just a bug in the configuration file shipped with > the Debian package?It counts as a weird feature. At first, I thought it was just a "no damage by default" setting, but I recently read somewhere (sorry, completely forgotten where) that the idea behind network-dummy is that, since Debian has the ability to configure all your bridges at boot time, that you should be using that instead of the Xen network config scripts. - Matt