Hi,
I having problem with firewall setup between primary domain [domain0]
and guess domain [domainU]... using iptables. What basically did is
block complete communication between vif0+ and eth+, and specify only
some protocol and ports access. Now I have a buggy problem, in some
case the entire guest domain crashed after few hours.. like half a
day.
i would like to know is there any specify ports/protocol primary
domain communicated with guest domain?
thanks,
On 7/9/05, xen-users-request@lists.xensource.com
<xen-users-request@lists.xensource.com> wrote:> Send Xen-users mailing list submissions to
> xen-users@lists.xensource.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users
> or, via email, send a message with subject or body ''help''
to
> xen-users-request@lists.xensource.com
>
> You can reach the person managing the list at
> xen-users-owner@lists.xensource.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Xen-users digest..."
>
>
> Today''s Topics:
>
> 1. Re: Networking issue on DomU (Ernst Bachmann)
> 2. How to install old Linux version in xenU (tl2@duke.edu)
> 3. Re: Accessing /dev/ttyI0 in guest domain not possible?
> (forumuser@kogels.net)
> 4. Re: How to install old Linux version in xenU (Ernst Bachmann)
> 5. Re: Networking change in Xen unstable (Takeshi Sone)
> 6. Shared interrupt in 2 domains: cards disabled (Arie Kraai)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 8 Jul 2005 20:40:18 +0200
> From: Ernst Bachmann <e.bachmann@xebec.de>
> Subject: Re: [Xen-users] Networking issue on DomU
> To: xen-users@lists.xensource.com
> Message-ID: <200507082040.19994.e.bachmann@xebec.de>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi,
>
> On Friday 08 July 2005 13:25, Nico wrote:
> > Hello lists.
> >
> > Having a problem getting network to work inside a domU.
> >
> > I have 2 guests os''s (the example ttylinux and a CentOS 3,3
domU).
> >
> > the 2 domU''s can ping each other, the dom0 can ping the
outside world, incl
> > internet.
> > The 2 domU''s can not ping the dom0 (or anything else) and the
dom0 can not
> > ping the domU''s.
> >
> > Config dom0
> > Host OS is CentOS 4.0 with xen 2.0.6
> >
> > [root@vps xen]# ifconfig
> > eth0 Link encap:Ethernet HWaddr 00:60:08:6D:1E:C6
> > inet addr:10.0.0.211 Bcast:10.0.0.255 Mask:255.255.255.0
> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> > RX packets:125239 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:1677 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:1000
> > RX bytes:17073332 (16.2 MiB) TX bytes:132617 (129.5 KiB)
> > Interrupt:10 Base address:0x1480
> >
> > eth1 Link encap:Ethernet HWaddr 00:04:76:13:92:DA
> > inet addr:10.0.0.210 Bcast:10.0.0.255 Mask:255.255.255.0
> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> > RX packets:113302 errors:0 dropped:0 overruns:1 frame:0
> > TX packets:39535 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:22 txqueuelen:1000
> > RX bytes:14854554 (14.1 MiB) TX bytes:4235423 (4.0 MiB)
> > Interrupt:9 Base address:0x1400
> >
> > lo Link encap:Local Loopback
> > inet addr:127.0.0.1 Mask:255.0.0.0
> > UP LOOPBACK RUNNING MTU:16436 Metric:1
> > RX packets:42137 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:42137 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:0
> > RX bytes:3030632 (2.8 MiB) TX bytes:3030632 (2.8 MiB)
> >
> > vif30.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> > RX packets:34 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:90 errors:0 dropped:145 overruns:0 carrier:0
> > collisions:0 txqueuelen:0
> > RX bytes:2378 (2.3 KiB) TX bytes:4540 (4.4 KiB)
> >
> > vif51.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> > RX packets:20 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:0
> > RX bytes:1120 (1.0 KiB) TX bytes:462 (462.0 b)
> >
> > xen-br0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
> > inet addr:10.0.0.212 Bcast:10.255.255.255 Mask:255.0.0.0
> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> > RX packets:335 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:0
> > RX bytes:15764 (15.3 KiB) TX bytes:756 (756.0 b)
>
> Looks like your bridge isn''t setup correctly.
> at least one of your real network ifaces (eth0 or eth1) should be running
> without IP Address, be enslaved to xen-br0, and xen-br0 should have the IP
it
> had earlier.
> the bridge should then use the HW/MAC Addr of that nic.
>
> check "brctl show xen-br0"
>
> If you don''t want to bridge your network directly, but route
instead, you''d
> have to setup a MAC Addr for that bridge, give it an IP from a different
> subnet, enable routing, and enable IP-Forwarding.
>
> Hope that pointed you in the right direction,
> /Ernst
>
>
>
> ------------------------------
>
> Message: 2
> Date: Fri, 8 Jul 2005 17:20:22 -0400 (EDT)
> From: tl2@duke.edu
> Subject: [Xen-users] How to install old Linux version in xenU
> To: xen-users@lists.xensource.com
> Message-ID:
<Pine.GSO.4.58.0507081712550.6095@godzilla.acpub.duke.edu>
> Content-Type: TEXT/PLAIN; charset=US-ASCII
>
> Could someone tell me how to install a guest OS that runs an old version
> of Linux, say 2.4.25, or 2.6.0? The current source tree contains only
> linux-2.4.30-xen-sparse and linux-2.6.11-xen-sparse.
>
> Thanks!
>
>
>
> ------------------------------
>
> Message: 3
> Date: Fri, 8 Jul 2005 23:24:36 +0200 (CEST)
> From: forumuser@kogels.net
> Subject: Re: [Xen-users] Accessing /dev/ttyI0 in guest domain not
> possible?
> To: "Sascha Retzki" <sretzki@gmx.de>
> Cc: xen-users@lists.xensource.com
> Message-ID: <2322.192.168.0.38.1120857876.squirrel@www.kogels.net>
> Content-Type: text/plain;charset=iso-8859-1
>
> Good question. It could be that an unpatched xen kernel has the same
> problem though. If not, then there must be something in the xen patch
> which is responsible...
>
>
> > On Thu, Jul 07, 2005 at 07:49:23PM +0200, forumuser@kogels.net wrote:
> >> So the bottom line is that the wrong driver was used by the demo
cd and
> >> my
> >> first compiled kernels. Everything looks fine now.
> >
> > The question is: why? :-)
> >
> > I mean, your kernels have been compiled by you on the assumption that
the
> > demo cd picked the right driver?
> > If yes, why did the demo-cd picked the wrong one? What has been
changed so
> > the "is_this_really_the_card_I_am_responsible_for()" of the
driver worked?
> >
> > Or is it just that they are mostly compatible in the init-functions?
> >
> > _______________________________________________
> > Xen-users mailing list
> > Xen-users@lists.xensource.com
> > http://lists.xensource.com/xen-users
> >
> >
>
>
>
>
> ------------------------------
>
> Message: 4
> Date: Fri, 8 Jul 2005 23:31:07 +0200
> From: Ernst Bachmann <e.bachmann@xebec.de>
> Subject: Re: [Xen-users] How to install old Linux version in xenU
> To: xen-users@lists.xensource.com
> Message-ID: <200507082331.09648.e.bachmann@xebec.de>
> Content-Type: text/plain; charset="iso-8859-1"
>
> On Friday 08 July 2005 23:20, tl2@duke.edu wrote:
> > Could someone tell me how to install a guest OS that runs an old
version
> > of Linux, say 2.4.25, or 2.6.0? The current source tree contains only
> > linux-2.4.30-xen-sparse and linux-2.6.11-xen-sparse.
>
> Tried to apply those to your old kernel (sparse tree AND patches)? With
much
> luck, it might even compile.
>
> Otherwise I''d guess you''ll have to look for old patch
versions in the source
> repository.
>
> /Ernst
>
>
>
> ------------------------------
>
> Message: 5
> Date: Sat, 9 Jul 2005 17:18:15 +0900
> From: Takeshi Sone <ts1@tsn.or.jp>
> Subject: Re: [Xen-users] Networking change in Xen unstable
> To: John Fairbairn <webmaster@proteus2.com>
> Cc: Xen-users@lists.xensource.com
> Message-ID: <20050709081815.GA30158@tsn.or.jp>
> Content-Type: text/plain; charset=iso-2022-jp
>
> Hello John,
> ip_forward has been always on.
> This machine is working also as a router for other PCs at my home.
> Thanks for reply anyway.
>
>
> On Fri, Jul 08, 2005 at 12:27:50PM -0500, John Fairbairn wrote:
> > Hello,
> > i would think that all you would need to so if thats the error you
get
> > is to enable ip forwarding in the dom0 kernel. Generally that is done
> > with
> >
> > echo "1" > /proc/sys/net/ipv4/ip_forward
> >
> > if memory serves, I believe you have to reboot for this to take
effect.
> >
> > Hope this helps you out some.
> > John Fairbairn
> >
> > > Hello,
> > >
> > > I''m now using Xen unstable, which works very nice.
> > > For me it''s generally more stable than 2.0 (no FPU
problem now).
> > >
> > > I have noticed that veth0 and vif0.0 appear in net devices,
> > > and veth0 is attached to xen-br0. Routing to the bridge network
is
> > > now through veth0, instead of xen-br0 like it used to be.
> > >
> > > The problem is, my iptables configuration (on dom0) complains
> > > with this setup. This message appears in kernel log (dmesg):
> > >
> > > Performing cross-bridge DNAT requires IP forwarding to be
enabled
> > >
> > > I''m DNATting DNS requests from Internet to domU, and it
doesn''t work.
> > >
> > > Killing veth0 and assigning IP address to xen-br0 fix this
problem:
> > >
> > > # ifconfig veth0 0.0.0.0
> > > # ifconfig xen-br0 10.1.1.1 netmask 255.255.255.0
> > >
> > > Frontend net device is disabled in dom0 kernel .config.
> > >
> > > Could someone explain what is veth0 and its purpose?
> > >
> > > Thanks,
> > > --
> > > Takeshi
> > >
> > > _______________________________________________
> > > Xen-users mailing list
> > > Xen-users@lists.xensource.com
> > > http://lists.xensource.com/xen-users
> > >
> >
> >
> >
> > _______________________________________________
> > Xen-users mailing list
> > Xen-users@lists.xensource.com
> > http://lists.xensource.com/xen-users
>
> --
> そね
>
>
>
> ------------------------------
>
> Message: 6
> Date: Sat, 9 Jul 2005 12:57:13 +0200
> From: Arie Kraai <xen@persijn.net>
> Subject: [Xen-users] Shared interrupt in 2 domains: cards disabled
> To: xen-users@lists.xensource.com
> Message-ID: <20050709105713.GA5960@taxus>
> Content-Type: text/plain; charset=us-ascii
>
> Xen 2.0-testing gave me a problem when a domain (using a dom0 kernel)
> tried to use a soundcard (hidden from dom0):
>
> other_domain:/proc/asound# cat cards
> 0 [CK8S ]: NFORCE - NVidia CK8S
> NVidia CK8S with ALC850 at 0xff6fb000, irq 11
>
> with the same IRQ as the network-card in dom0:
>
> dom0:~# cat /proc/interrupts
> CPU0
> 1: 1955 Phys-irq i8042
> 10: 4884 Phys-irq libata
> 11: 78834 Phys-irq eth0
> 12: 6489 Phys-irq i8042
> 14: 4688 Phys-irq ide0
>
> The card produced sound for 4 seconds, then went mute. Moreover, the
> dom0 network-card also stopped operating (only xen-br0 still worked) and
> could not be brought back to life, not even after stopping all domains
> and xend:
>
> dom0:~# ifup eth0
> SIOCADDRT: Network is unreachable
> Failed to bring up eth0.
>
> I had to reboot the system...
> Is this a bug or should there be no shared interrupts at all between
> domains?
>
> Kind regards, Arie Kraai
>
>
>
> ------------------------------
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@lists.xensource.com
> http://lists.xensource.com/xen-users
>
>
> End of Xen-users Digest, Vol 5, Issue 30
> ****************************************
>
--
Routed From Zues HomeNetwork
@ http://zues.dyndns.org
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users