Hi all, I have a trouble bridging vlans; this is my scenario: |--> eth0 used for service on Dom0 (not bridget) | |--> eth1 export .1q vlan2, vlan3 and vlan4 | |--> vlan2 --> bridge xenbr2 | |--> vlan3 --> bridge xenbr3 | |--> vlan4 --> bridge xenbr4 | |--> eth2 --> bridge xenbd192 used for backup lan My DomUs link Dom0 in this way: virtual eth0 go to xenbr2|3|4, it depend on the vlan i need to coonect to. virtual eth1 go to xenbr192 for backups. It happen that I can "ping" the DomU but I can''t "ssh" on it; the netstat on the Dom0 show an ESTABLISHED connection on the 22 port but nothing else happen, no certificate confirmation request, no password, no errors, no commands prompt ... only a blinking cursor and a timeout after about 60 seconds. I can "ssh" correctly via backup network. Any suggestions? -- Alessio Mineni WaveGroup Via Benaco 34/b 25081 Bedizzole BS _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Alessio Mineni wrote:> Hi all, > > I have a trouble bridging vlans; this is my scenario: > > |--> eth0 used for service on Dom0 (not bridget) > | > |--> eth1 export .1q vlan2, vlan3 and vlan4 > | |--> vlan2 --> bridge xenbr2 > | |--> vlan3 --> bridge xenbr3 > | |--> vlan4 --> bridge xenbr4 > | > |--> eth2 --> bridge xenbd192 used for backup lan > > My DomUs link Dom0 in this way: > virtual eth0 go to xenbr2|3|4, it depend on the vlan i need to coonect to. > virtual eth1 go to xenbr192 for backups. > > It happen that I can "ping" the DomU but I can''t "ssh" on it; the netstat on > the Dom0 show an ESTABLISHED connection on the 22 port but nothing else > happen, no certificate confirmation request, no password, no errors, no > commands prompt ... only a blinking cursor and a timeout after about 60 > seconds. > > I can "ssh" correctly via backup network. > > Any suggestions? >Does an SSH handshake complete (turn on debugging in the client)? -- Christopher G. Stach II _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
---------- Forwarded message ---------- From: Martin Hierling <martin@mh-itc.de> Date: 19.12.2006 17:31 Subject: Re: [Xen-users] xen and .1q vlans To: "Christopher G. Stach II" <cgs@ldsys.net>> the Dom0 show an ESTABLISHED connection on the 22 port but nothing else > > happen, no certificate confirmation request, no password, no errors, no > > commands prompt ... only a blinking cursor and a timeout after about 60 > > seconds. >Does name resolution work inside the domU you want to ssh in? sshd is making a rev. lookup for the ip you are connecting from. So perhaps your ssh timeout killes the connection before sshd can accept it. Try another service like http or even telnet! Does it work? Can you use ssh from domU to XY? regards Martin _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Tuesday 19 December 2006 9:39 am, Alessio Mineni wrote:> It happen that I can "ping" the DomU but I can''t "ssh" on it; the netstattry different ping packet sizes (eg: ping -s 1500), several common problems with vlans affect only packets over 1496 bytes long. check that eth1''s MTU is at least 4 bytes bigger than vlanX''s MTU. if vlan2 has an MTU of 1500, eth1 must have at least 1504. some people like to turn down vlanX MTU to 1496, but that doesn''t work if the vlan device is used for bridging and not routing. (that''s because the MTU discovery is done watching for the ''fragmentation needed'' ICMP packets, but a bridge doesn''t fragment, it simply drops what it can''t handle) -- Javier _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Alle 15:39, martedì 19 dicembre 2006, Alessio Mineni ha scritto:> Hi all, > > I have a trouble bridging vlans; this is my scenario: > |--> eth0 used for service on Dom0 (not bridget) > | > |--> eth1 export .1q vlan2, vlan3 and vlan4 > | > | |--> vlan2 --> bridge xenbr2 > | |--> vlan3 --> bridge xenbr3 > | |--> vlan4 --> bridge xenbr4 > | > |--> eth2 --> bridge xenbd192 used for backup lan > > My DomUs link Dom0 in this way: > virtual eth0 go to xenbr2|3|4, it depend on the vlan i need to coonect to. > virtual eth1 go to xenbr192 for backups. > > It happen that I can "ping" the DomU but I can''t "ssh" on it; the netstat > on the Dom0 show an ESTABLISHED connection on the 22 port but nothing else > happen, no certificate confirmation request, no password, no errors, no > commands prompt ... only a blinking cursor and a timeout after about 60 > seconds. > > I can "ssh" correctly via backup network. > > Any suggestions?Thanks to all, I''ve solved moving the vlans form Dom0 to DomUs. In this way (that really I don''t like) it seams to work fine. I cannot replay immediatly to your questions because of my new different configuration, I need to reconfigure Dom0 and DomUs, let me move form test PC to production server and I reconfigure the test PC. Thanks Thanks Thanks. -- Alessio Mineni WaveGroup Via Benaco 34/b 25081 Bedizzole BS _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Alle 10:53, mercoledì 20 dicembre 2006, Alessio Mineni ha scritto:> Alle 15:39, martedì 19 dicembre 2006, Alessio Mineni ha scritto: > > Hi all, > > > > I have a trouble bridging vlans; this is my scenario: > > |--> eth0 used for service on Dom0 (not bridget) > > | > > |--> eth1 export .1q vlan2, vlan3 and vlan4 > > | > > | |--> vlan2 --> bridge xenbr2 > > | |--> vlan3 --> bridge xenbr3 > > | |--> vlan4 --> bridge xenbr4 > > | > > |--> eth2 --> bridge xenbd192 used for backup lan > > > > My DomUs link Dom0 in this way: > > virtual eth0 go to xenbr2|3|4, it depend on the vlan i need to coonect > > to. virtual eth1 go to xenbr192 for backups. > > > > It happen that I can "ping" the DomU but I can''t "ssh" on it; the netstat > > on the Dom0 show an ESTABLISHED connection on the 22 port but nothing > > else happen, no certificate confirmation request, no password, no errors, > > no commands prompt ... only a blinking cursor and a timeout after about > > 60 seconds. > > > > I can "ssh" correctly via backup network. > > > > Any suggestions? > > Thanks to all, I''ve solved moving the vlans form Dom0 to DomUs. In this way > (that really I don''t like) it seams to work fine. > > I cannot replay immediatly to your questions because of my new different > configuration, I need to reconfigure Dom0 and DomUs, let me move form test > PC to production server and I reconfigure the test PC. > > Thanks Thanks Thanks.... opss ... no, I''v not solved the problem. Now I can SSH in to the DomU but after some commands (particulary net command like ifconfig) I lost the output. I can write command and commands work but I can''t see any echo of my commands and no output are displayed. -- Alessio Mineni WaveGroup Via Benaco 34/b 25081 Bedizzole BS _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Alessio Mineni wrote: ...> ... opss ... no, I''v not solved the problem. Now I can SSH in to the DomU but > after some commands (particulary net command like ifconfig) I lost the > output. I can write command and commands work but I can''t see any echo of my > commands and no output are displayed. > > -- > Alessio MineniIt sounds like a MTU problem, like a previous poster suggested. Simon _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Alle 15:39, martedì 19 dicembre 2006, Alessio Mineni ha scritto:> Hi all, > > I have a trouble bridging vlans; this is my scenario: > |--> eth0 used for service on Dom0 (not bridget) > | > |--> eth1 export .1q vlan2, vlan3 and vlan4 > | > | |--> vlan2 --> bridge xenbr2 > | |--> vlan3 --> bridge xenbr3 > | |--> vlan4 --> bridge xenbr4 > | > |--> eth2 --> bridge xenbd192 used for backup lan > > My DomUs link Dom0 in this way: > virtual eth0 go to xenbr2|3|4, it depend on the vlan i need to coonect to. > virtual eth1 go to xenbr192 for backups. > > It happen that I can "ping" the DomU but I can''t "ssh" on it; the netstat > on the Dom0 show an ESTABLISHED connection on the 22 port but nothing else > happen, no certificate confirmation request, no password, no errors, no > commands prompt ... only a blinking cursor and a timeout after about 60 > seconds. > > I can "ssh" correctly via backup network. > > Any suggestions?Using the original scenario (with DomU NIC that link on vlans) and turning off the TX checksum in both Dom0 and DomUs. Thanks to all :) -- Alessio Mineni WaveGroup Via Benaco 34/b 25081 Bedizzole BS _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users