I have seen this in the archives but am still having trouble implementing.
I want to create a domu with physical access to two nics in vmware. I am
staging this for my production server.
WAN eth0
_________________| |__________________
| _____________| |______________ |
|
| | |
LAN eth1=====| Firewall | |
| |___________________ ________| |
| |
| |
| virtual
DMZ |
|____________________________________|
sorry my asci art stinks.
im using 2.0.7 (i think... i know its not 3) with 2.6.11 kernel on debian
3.1 sarge
lspci shows 0000:00:10.0 Ethernet Controller and 0000:12.0 Ethernet
Controller
in /boot/grub/menu.lst
i added "physdev_dom0_hide=(00:10.0)(00:12.0)", with out quotes to the
module line.
but it still shows up in lspci after reboot.
I know this has been gone over and I have read the emails
--
Thank you,
Frank Di Rocco
"Does an optimistic person look at a hard drive as half-full or
half-empty?"
-ofanged1-at-gmail.com
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
Alexander Wilms
2006-Mar-10 10:04 UTC
Re: [Xen-users] DomU privleged network access - Firewall
Mathias Diehl schrieb:> Hi, > > you''re pretty close :-) > > physdev_dom0_hide=''(00:04.2)(01:00.0)(00:06.0)'' > > should work - look at the ''. >Frank, your problem is not a missing " '' ", you have to add the hide parameter to the kernel line, not to module line. In 2.0.x the hypervisor is doing the hiding, not the dom0 kernel! (as it is done in xen 3.0.x)> > >> >> Controller >> >> in /boot/grub/menu.lst i added >> "physdev_dom0_hide=(00:10.0)(00:12.0)", with out quotes to the >> module line.see above, your config should look like this: title SUSE LINUX 9.3 XEN kernel (hd0,0)/boot/xen.gz showopts vga=0x346 physdev_dom0_hide=(00:0f.0)(00:0e.0)(00:10.0) dom0_mem=257336 module (hd0,0)/boot/vmlinuz-xen root=/dev/hda1 vga=0x346 selinux=0 splash=silent module (hd0,0)/boot/initrd-xen Alex _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Mathias Diehl
2006-Mar-10 11:31 UTC
Re:[Xen-users] DomU privleged network access - Firewall
Hi, you''re pretty close :-) physdev_dom0_hide=''(00:04.2)(01:00.0)(00:06.0)'' should work - look at the ''. And according to my own trouble I faced for weeks with a setup like your''s: you need an individual network script as you wont have any physical eth left for xen. cheers, Mat -----Original Message----- Sent: Donnerstag 09.03.06 22:12:32 Subject: [Xen-users] DomU privleged network access - Firewall>I have seen this in the archives but am still having trouble implementing. > >I want to create a domu with physical access to two nics in vmware. I am >staging this for my production server. > WAN eth0 > _________________| |__________________ > | _____________| |______________ | > | >| | | >LAN eth1=====| Firewall | | > | |___________________ ________| | > | | >| | > | virtual >DMZ | > |____________________________________| > >sorry my asci art stinks. >im using 2.0.7 (i think... i know its not 3) with 2.6.11 kernel on debian >3.1 sarge >lspci shows 0000:00:10.0 Ethernet Controller and 0000:12.0 Ethernet >Controller > >in /boot/grub/menu.lst >i added "physdev_dom0_hide=(00:10.0)(00:12.0)", with out quotes to the >module line. >but it still shows up in lspci after reboot. > >I know this has been gone over and I have read the emails > >-- >Thank you, >Frank Di Rocco > >"Does an optimistic person look at a hard drive as half-full or half-empty?" >-ofanged1-at-gmail.com >_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Frank DiRocco
2006-Mar-10 14:21 UTC
Re: [Xen-users] DomU privleged network access - Firewall
moving the physdev_dom0_hide line to the kernel parameters instead of the modules werked great. especially after I reallized 00:10.0 is my scsi controller and the ethernet controllers were really 00:11.0 and 00:12.0. Mathias, I will be using the dummy module to connect dom0 to priv.domU for access to LAN. from here i will access it via ssh and update its time. Thank you soo much for your help I really appriciate the great attitude on this mailing list. ill probably stay here awile. On 3/10/06, Alexander Wilms <alex.wilms@adminguru.org> wrote:> > Mathias Diehl schrieb: > > > Hi, > > > > you''re pretty close :-) > > > > physdev_dom0_hide=''(00:04.2)(01:00.0)(00:06.0)'' > > > > should work - look at the ''. > > > Frank, your problem is not a missing " '' ", you have to add the hide > parameter to the kernel line, not to module line. > In 2.0.x the hypervisor is doing the hiding, not the dom0 kernel! (as > it is done in xen 3.0.x) > > > > > > > > >> > >> Controller > >> > >> in /boot/grub/menu.lst i added > >> "physdev_dom0_hide=(00:10.0)(00:12.0)", with out quotes to the > >> module line. > > see above, your config should look like this: > > title SUSE LINUX 9.3 XEN > kernel (hd0,0)/boot/xen.gz showopts vga=0x346 > physdev_dom0_hide=(00:0f.0)(00:0e.0)(00:10.0) dom0_mem=257336 > module (hd0,0)/boot/vmlinuz-xen root=/dev/hda1 vga=0x346 > selinux=0 splash=silent > module (hd0,0)/boot/initrd-xen > > > > Alex > >-- Thank you, Frank Di Rocco "Does an optimistic person look at a hard drive as half-full or half-empty?" -ofanged1-at-gmail.com _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
i have my dom0 not showing the pci network interfaces upon lspci. dom0 only has one dummy interface when it boots /etc/modules contains "dummy -o dummy0 in my domU config file i added the lines nics = 3 pci = [ ''00,11,0'' , ''00,12,0'' ] #these are the address of the nics I hide from dom0 once both domains are loaded ifconfig shows dummy0 configured the way it was in /etc/network/interfaces additionally vif1.0 and vif 1.1 are shown unconfigured brctl show xen-br0 8000.c65260b5d9b3 no dummy0 vif1.0 vif1.1 xm vif domU (vif (idx 0) (vif 0) (mac aa:00:00:0e:b1:75) (vifname vif1.0) (evtchn 14 4) (index 0)) (vif (idx 1) (vif 1) (mac aa:00:00:0e:b1:75) (vifname vif1.1) (evtchn 15 5) (index 1)) Inside of my domU I have configured eth0 and eth1 with addresses on the LAN and the proper gateway yet i can not ping out. I really think im missing some small point. Also I am confused by the above output of "brctl show", does this mean xen-br0 is connected to dummy0 vif1.0 and vif1.1 or just connected to dummy0 and vif''s are not connected to anything on dom0? On another note, i tried lspci inside of domU and it showed nothing, but i didn''t expect it to. so, is there any way to verify the pci devices are attached to the domu? -- Thank you, Frank Di Rocco "Does an optimistic person look at a hard drive as half-full or half-empty?" -ofanged1-at-gmail.com _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Alexander Wilms
2006-Mar-10 23:28 UTC
Re: [Xen-users] DomU privleged network access - Firewall
> On another note, i tried lspci inside of domU and it showed > nothing, but i didn''t expect it to. so, is there any way to verify > the pci devices are attached to the domu? >Hi Frank, just a quick shot to this issue only. lspci should show the hidden and then delegated devices! So there must be an issue with your config somehow. my pci domU parameter looks like this and works: pci = [''00,0f,0'',''00,0e,0'',''00,10,0''] HTH, Alex _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users