Hi, I have deployed three machines in recent months all of which are loaded with XCP 1.0. These machines are functioning very well in real commercial environments. I intend to deploy further machines in 2012. All of these systems are running MS SBS2011 in a VM and also Trixbox Asterisk based voip telephony in another VM. I am getting fed up, however, with inconsistencies from commercial ADSL routers which screw up voip and which do not provide QoS which is good enough so I have decided to use ADSL Ethernet modems instead and perform all routing, firewall and QoS functions inside the XCP box. To that end I have set up an experimental XCP 1.0 box with 2 NICS and I have set up iptables on the host machine to perform NAT (masquerade) forwarding the entire internet (DMZ) onto the public side of a zeroshell VM (firewall) which will allow an easy way to open and close ports and which also performs excellent QoS. The reason why I want to perform a NAT masquerade on the host itself is so I can get locked down SSH access to the host itself so that in an emergency I can start and stop VMs or even reboot if necessary. All this I have successfully implemented and it all works well. The only fly in the ointment is if the box is connected to an ISP which only provides a dynamic IP address. I have used xe pif-reconfigure-ip to set the external interface to dhcp and it does indeed lease an IP address from the ISP. What it does not do however, is to get the gateway address from the ISP. If I connect other boxes (linux or windows) to the internet connection they all get a gateway address - but not XCP. Because I am able to work out what the gateway address is I have added it manually at the cli using the route command and internet access then works - but this is not a solution - only a workaround - and if the IP address changed the box would be on the wrong gateway. It would be really great if someone could shed some light on what is going on. BTW. I have not defined a gateway on the management interface so there is only one gateway on the machine. Kind regards, Frank. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Don''t take this the wrong way - but - WHY would you use DHCP for a VoIP or other server? Are you running these on site for a customer, or are they in a data center? The issues with running any kind of server via DHCP are beyond the scope of this group I believe. There may be a few folks who can provide you with some ideas, but over all, I would say you are on your own. On Fri, Dec 23, 2011 at 12:51 PM, <frank@smallbiztek.com> wrote:> Hi, > > I have deployed three machines in recent months all of which are loaded with > XCP 1.0. These machines are functioning very well in real commercial > environments. I intend to deploy further machines in 2012. All of these > systems are running MS SBS2011 in a VM and also Trixbox Asterisk based voip > telephony in another VM. I am getting fed up, however, with > inconsistencies from commercial ADSL routers which screw up voip and which > do not provide QoS which is good enough so I have decided to use ADSL > Ethernet modems instead and perform all routing, firewall and QoS functions > inside the XCP box. To that end I have set up an experimental XCP 1.0 box > with 2 NICS and I have set up iptables on the host machine to perform NAT > (masquerade) forwarding the entire internet (DMZ) onto the public side of a > zeroshell VM (firewall) which will allow an easy way to open and close ports > and which also performs excellent QoS. The reason why I want to perform a > NAT masquerade on the host itself is so I can get locked down SSH access to > the host itself so that in an emergency I can start and stop VMs or even > reboot if necessary. > > All this I have successfully implemented and it all works well. The only > fly in the ointment is if the box is connected to an ISP which only provides > a dynamic IP address. I have used xe pif-reconfigure-ip to set the external > interface to dhcp and it does indeed lease an IP address from the ISP. What > it does not do however, is to get the gateway address from the ISP. If I > connect other boxes (linux or windows) to the internet connection they all > get a gateway address – but not XCP. Because I am able to work out what the > gateway address is I have added it manually at the cli using the route > command and internet access then works – but this is not a solution – only > a workaround - and if the IP address changed the box would be on the wrong > gateway. It would be really great if someone could shed some light on what > is going on. > > BTW. I have not defined a gateway on the management interface so there is > only one gateway on the machine. > > Kind regards, > > Frank. > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users
Hi Scott, Thank you for your response. The three machines I referred to are all on static IPs. They are on in the customer''s premises running on an ADSL connection - not in a data centre. Much of my development work, however, is done at home. My ISP only provides dynamic IPs. I would move to a different ISP to get a static IP or group of IPs if it weren''t for the fact that I cannot get a big fat 50 mbps downstream and a 5 mbps upstream any other way! Static IPs do not give a problem so it''s a minor point really. I''m just interested to know why I can''t get the gateway address via dhcp. That''s all. Many thanks, Frank. -----Original Message----- From: Scott Damron [mailto:sdamron@gmail.com] Sent: 23 December 2011 19:01 To: Frank Salter Cc: xen-users@lists.xensource.com Subject: Re: [Xen-users] XCP Don''t take this the wrong way - but - WHY would you use DHCP for a VoIP or other server? Are you running these on site for a customer, or are they in a data center? The issues with running any kind of server via DHCP are beyond the scope of this group I believe. There may be a few folks who can provide you with some ideas, but over all, I would say you are on your own. On Fri, Dec 23, 2011 at 12:51 PM, <frank@smallbiztek.com> wrote:> Hi, > > I have deployed three machines in recent months all of which are loaded with > XCP 1.0. These machines are functioning very well in real commercial > environments. I intend to deploy further machines in 2012. All of these > systems are running MS SBS2011 in a VM and also Trixbox Asterisk based voip > telephony in another VM. I am getting fed up, however, with > inconsistencies from commercial ADSL routers which screw up voip and which > do not provide QoS which is good enough so I have decided to use ADSL > Ethernet modems instead and perform all routing, firewall and QoS functions > inside the XCP box. To that end I have set up an experimental XCP 1.0 box > with 2 NICS and I have set up iptables on the host machine to perform NAT > (masquerade) forwarding the entire internet (DMZ) onto the public side of a > zeroshell VM (firewall) which will allow an easy way to open and close ports > and which also performs excellent QoS. The reason why I want to perform a > NAT masquerade on the host itself is so I can get locked down SSH access to > the host itself so that in an emergency I can start and stop VMs or even > reboot if necessary. > > All this I have successfully implemented and it all works well. The only > fly in the ointment is if the box is connected to an ISP which only provides > a dynamic IP address. I have used xe pif-reconfigure-ip to set the external > interface to dhcp and it does indeed lease an IP address from the ISP. What > it does not do however, is to get the gateway address from the ISP. If I > connect other boxes (linux or windows) to the internet connection they all > get a gateway address - but not XCP. Because I am able to work out what the > gateway address is I have added it manually at the cli using the route > command and internet access then works - but this is not a solution - only > a workaround - and if the IP address changed the box would be on the wrong > gateway. It would be really great if someone could shed some light on what > is going on. > > BTW. I have not defined a gateway on the management interface so there is > only one gateway on the machine. > > Kind regards, > > Frank. > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users
I''m just interested to know why I can''t get the gateway address via dhcp. That''s all.> Many thanks, > Frank. > >So the problem really is "Why doesn''t my XCP 1.0 machine retrieve the default gateway when it does a DHCP request? " One question. If you do a dhclient <network interface> on the XCP machine does it get the gateway? If so then you''re down to figuring out why the XCP OS doesn''t do it on boot. I''ve found there are many small changes to the OS that effect it running as a standard Linux server (like not doing a vgchange -ay on boot). I can''t test this to see how mine work because I like everyone else here wouldn''t run it on a Dynamic address. A quick temporary fix would be to let your router get the IP address if it can and then just forward the ports to your XCP''s "outside" network interface where you''ll do all the QoS, filtering etc.. Grant McWilliams _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users