Xen users - Jan 2006 - setting up private networking between dom0 and domU?

I am trying to set up dom0 <->domU networking using a
virtual switch, a tap device on dom0 and a NIC on domU.

I have domU <-> domU connectvity throguth a virtual switch.
I also have domU <-> eth0 using a bridge. I''m using Xen 3.0
from Fedora FC5.

I used these commands to set up the tap0 and sw2 device:

  # creating switch 2
  brctl addbr sw2
  brctl stp sw2 off
  brctl setfd sw2 0
  ifconfig sw2 up

 # creating tun/tap device
 tunctl -t tap0

# adding tun/tap device to bridge
brctl addif sw2 tap0

# configuring tap0 device
ip address add 192.168.3.2/29 dev tap0
ifconfig tap0 up

ifconfig shows:
[root@xen xen]# ifconfig sw2
sw2       Link encap:Ethernet  HWaddr A6:44:26:ED:AC:5F
          inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:259 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:7252 (7.0 KiB)  TX bytes:468 (468.0 b)

[root@xen xen]# ifconfig tap0
tap0      Link encap:Ethernet  HWaddr A6:44:26:ED:AC:5F
          inet addr:192.168.3.2  Bcast:192.168.3.7  Mask:255.255.255.248
          inet6 addr: fe80::a444:26ff:feed:ac5f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:687 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

(NOTE: look at the dropped:687 packets for tap0. I don''t know what that
means...
other than its bad.  )

If I to a tcpdump -n -i sw2, and ping the tap0 device from my domU
instance, I see:
[root@xen xen]# tcpdump  -n  -i sw2
tcpdump: WARNING: sw2: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on sw2, link-type EN10MB (Ethernet), capture size 96 bytes
21:24:15.428994 arp who-has 192.168.3.2 tell 192.168.3.1
21:24:16.427484 arp who-has 192.168.3.2 tell 192.168.3.1
21:24:17.427558 arp who-has 192.168.3.2 tell 192.168.3.1
21:24:18.439598 arp who-has 192.168.3.2 tell 192.168.3.1
21:24:19.439673 arp who-has 192.168.3.2 tell 192.168.3.1
21:24:20.439724 arp who-has 192.168.3.2 tell 192.168.3.1

the dom0 device does not answere the ARP Who-Has request. The domU box
has the correct netmask and broadcast address defined.

I set up sw1 in a similar fashion as sw2. My two domU machine are able
to talk over sw1 just fine.

What am I missing?

Thanks - jack

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On 1/22/06, Jack Snodgrass <mylinuxguy@gmail.com>
wrote:
> I am trying to set up dom0 <->domU networking using a
> virtual switch, a tap device on dom0 and a NIC on domU.
>
> I have domU <-> domU connectvity throguth a virtual switch.
> I also have domU <-> eth0 using a bridge. I''m using Xen 3.0
> from Fedora FC5.
>
> I used these commands to set up the tap0 and sw2 device:
>
>   # creating switch 2
>   brctl addbr sw2
>   brctl stp sw2 off
>   brctl setfd sw2 0
>   ifconfig sw2 up
>
>  # creating tun/tap device
>  tunctl -t tap0
>
> # adding tun/tap device to bridge
> brctl addif sw2 tap0
>
> # configuring tap0 device
> ip address add 192.168.3.2/29 dev tap0
> ifconfig tap0 up
>
> ifconfig shows:
> [root@xen xen]# ifconfig sw2
> sw2       Link encap:Ethernet  HWaddr A6:44:26:ED:AC:5F
>           inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:259 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:7252 (7.0 KiB)  TX bytes:468 (468.0 b)
>
> [root@xen xen]# ifconfig tap0
> tap0      Link encap:Ethernet  HWaddr A6:44:26:ED:AC:5F
>           inet addr:192.168.3.2  Bcast:192.168.3.7  Mask:255.255.255.248
>           inet6 addr: fe80::a444:26ff:feed:ac5f/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:0 errors:0 dropped:687 overruns:0 carrier:0
>           collisions:0 txqueuelen:500
>           RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
>
> (NOTE: look at the dropped:687 packets for tap0. I don''t know what
that means...
> other than its bad.  )
>
> If I to a tcpdump -n -i sw2, and ping the tap0 device from my domU
> instance, I see:
> [root@xen xen]# tcpdump  -n  -i sw2
> tcpdump: WARNING: sw2: no IPv4 address assigned
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on sw2, link-type EN10MB (Ethernet), capture size 96 bytes
> 21:24:15.428994 arp who-has 192.168.3.2 tell 192.168.3.1
> 21:24:16.427484 arp who-has 192.168.3.2 tell 192.168.3.1
> 21:24:17.427558 arp who-has 192.168.3.2 tell 192.168.3.1
> 21:24:18.439598 arp who-has 192.168.3.2 tell 192.168.3.1
> 21:24:19.439673 arp who-has 192.168.3.2 tell 192.168.3.1
> 21:24:20.439724 arp who-has 192.168.3.2 tell 192.168.3.1
>
> the dom0 device does not answere the ARP Who-Has request. The domU box
> has the correct netmask and broadcast address defined.
>
> I set up sw1 in a similar fashion as sw2. My two domU machine are able
> to talk over sw1 just fine.
>
> What am I missing?
>
> Thanks - jack
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@lists.xensource.com
> http://lists.xensource.com/xen-users
>
Hi,
Did you realize you have same MAC address for both sw2 and
tap0? What about your eth0? May be you have a conflict up
there...

--
Bye,
Fernando Maior
LPIC/1(31908)
LinuxCounter(391325)

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Hello,

I am also very interested in running Windows in XEN environment under
VT or Pacifica, so I hope you let me ask several questions...
> > To what avail?
> > Being able to install unmodified non-graphical (server)systems is a
fine
> > thing; graphical systems like W2K3/XP is another talk.
> > No Xen-aware video drivers are available. In a couple of threads,
I''ve
> > argued that Nvidia is interested in developing such a driver, but
won''t
> > do it until deemed nessesary. It will only happen with applied
pressure.
What is known about Nvidia plans - do they plan to develop a dom0-only,
or maybe even a domU drivers as well? Do I understand properly that
with proper domU-drivers it will be possible... maybe even run
OpenGL/DirectX software under guest Windows? As far as I understand, ATI
drivers were made compatible with dom0, but no domU yet - so is Nvidia
behind ATI in this area yet?
> There are three aspects here:
Windows emulation question is pretty interesting... The question about
video cards has been discussed - but what about other drivers and
hardware?
Is sound card virtualization now working in any form (at least in
"3"-mode, by emulation)? With pretty good state of opensource sound
support in Linux, it should be possible to allow soundcards using in
domU - but how is it now, and what are the nearest plans in this area?
And, probably, the most important: how hard drive is emulated for
guest Windows? Should it use a dedicated drive, a dedicated partition,
or maybe it requires an "image" file (visible to domU-Windows as hard
drive, but stored as a file on a real FS for dom-Linux)? Or maybe even
file-level access is virtualized, so that we can be able to have paths
like /var/Windows/Program Files/ on our Reisers and Exts and to
distribute Windows files over LVM?

And also: currently mostly Intel VT is being discussed, as the only
available on the market now. But will advanced AMD Pacifica''s features
help with anything of above (video/audio/hard disk), or they will give
only performance benefits?

-- 
With best regards,
 Alexander                          mailto:maa_subscriptions@sinn.ru



_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

> What is known about Nvidia plans - do they plan to develop a dom0-only,
> or maybe even a domU drivers as well?
dom0 3D drivers are certainly easier (these should also work in a domU that 
has access to PCI graphics card, once PCI-passthrough is working again - 
someone will have to figure out how to make X behave correctly, tho).

domU drivers would ideally be more generic than a particular
manufacturer''s
drivers, although there is a performance / generic-ness tradeoff here.
> Do I understand properly that 
> with proper domU-drivers it will be possible... maybe even run
> OpenGL/DirectX software under guest Windows?
In theory, certainly.  It just requires somebody to design and implement a 3D 
virtual graphics interface *and* write the appropriate Windows driver.
> As far as I understand, ATI 
> drivers were made compatible with dom0, but no domU yet - so is Nvidia
> behind ATI in this area yet?
I''m not sure the patches to the ATI driver to make it behave itself
under Xen
have been upstreamed yet.  Once Xen is in the mainline kernel and its 
popularity becomes apparent, hopefully both manufacturers will decide its 
worth testing under Xen.
> Is sound card virtualization now working in any form (at least in
> "3"-mode, by emulation)?
I''d imagine that''s reasonably easy to make work for VT guests.
Paravirt
guests need to use network sound daemons at the moment, (artsd, esoundd, or 
use FreeNX if you can make it work).

A number of people have been looking at paravirtualised sound drivers for 
native Xen guests.
> And, probably, the most important: how hard drive is emulated for
> guest Windows? Should it use a dedicated drive, a dedicated partition,
> or maybe it requires an "image" file (visible to domU-Windows as
hard
> drive, but stored as a file on a real FS for dom-Linux)?
Right now the emulation is provided by userspace in dom0, so it could be any 
of those options.  In future I understand it''s likely to be provided by
some
kind of shadow IO domain that will run alongside the VT domain and emulate 
device accesses, using the normal paravirtualised interface to dom0 to 
actually transfer data.  This option should help with performance and also 
make live migration, suspend/resume, etc closer to the process required for 
native domains.
> Or maybe even 
> file-level access is virtualized, so that we can be able to have paths
> like /var/Windows/Program Files/ on our Reisers and Exts and to
> distribute Windows files over LVM?
You''d want something like my XenFS for this.  It''ll be quite a
long time
before a XenFS client for Windows is available, it''ll be Linux-only to
start
with.
> And also: currently mostly Intel VT is being discussed, as the only
> available on the market now. But will advanced AMD Pacifica''s
features
> help with anything of above (video/audio/hard disk), or they will give
> only performance benefits?
Device emulation will be rather similar for both.  I get the impression 
Pacifica has more features for safely exposing real devices for dedicated 
access by guests, but I''m not certain on this.

Future iterations of virtualisation-aware hardware are likely to include more 
support for virtualisation.  Smart NICS (like Infiniband) are already well 
disposed towards efficient virtualisation, since they provide virtual network 
interfaces in hardware.

HTH,
Mark

-- 
Dave: Just a question. What use is a unicyle with no seat?  And no pedals!
Mark: To answer a question with a question: What use is a skateboard?
Dave: Skateboards have wheels.
Mark: My wheel has a wheel!

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users