Hi,
First time using xen....
I have created and booted a guest OK, but the networking doesn''t work.
According to the rather limited documentation, keeping most of the
networking configuration at default is supposed to "just work".
Since I''ve never seen a working setup and the documentation is so
minimal, I''ve got no way to make progress without help.
*****************************************************************************
Here''s the running guest''s network config:
# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:16:3E:34:23:46
          inet addr:69.46.20.228  Bcast:69.46.20.255  Mask:255.255.255.0
          inet6 addr: fe80::216:3eff:fe34:2346/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:123 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:5334 (5.2 KiB)
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:164 errors:0 dropped:0 overruns:0 frame:0
          TX packets:164 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:16244 (15.8 KiB)  TX bytes:16244 (15.8 KiB)
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
69.46.20.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         69.46.20.1      0.0.0.0         UG    0      0        0 eth0
*****************************************************************************
And this is what the host has:
# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:16:EC:C5:68:B2
          inet addr:69.46.20.224  Bcast:69.46.20.255  Mask:255.255.255.0
          inet6 addr: fe80::216:ecff:fec5:68b2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:706852 errors:0 dropped:37 overruns:0 frame:0
          TX packets:70372 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:48400504 (46.1 MiB)  TX bytes:57996195 (55.3 MiB)
          Interrupt:18 Base address:0xe800
eth0:0    Link encap:Ethernet  HWaddr 00:16:EC:C5:68:B2
          inet addr:69.46.20.225  Bcast:69.46.20.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:18 Base address:0xe800
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1708 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1708 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:191483 (186.9 KiB)  TX bytes:191483 (186.9 KiB)
vif3.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:414 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:12096 (11.8 KiB)  TX bytes:0 (0.0 b)
xenbr0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:456 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:13608 (13.2 KiB)  TX bytes:0 (0.0 b)
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
69.46.20.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         69.46.20.1      0.0.0.0         UG    0      0        0 eth0
*****************************************************************************
Ping from guest to host:
# ping 69.46.20.224
PING 69.46.20.224 (69.46.20.224) 56(84) bytes of data.
From 69.46.20.228 icmp_seq=0 Destination Host Unreachable
From 69.46.20.228 icmp_seq=1 Destination Host Unreachable
From 69.46.20.228 icmp_seq=2 Destination Host Unreachable
Ping from host to guest:
# ping 69.46.20.228
PING 69.46.20.228 (69.46.20.228) 56(84) bytes of data.
From 69.46.20.224 icmp_seq=1 Destination Host Unreachable
From 69.46.20.224 icmp_seq=2 Destination Host Unreachable
From 69.46.20.224 icmp_seq=3 Destination Host Unreachable
Where to from here??????
-- 
TIA,
 Russell                          mailto:russellr@openconcepts.com.au
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
Hello jez, Thanks for your reply...much appreciated. Friday, March 16, 2007, 7:56:31 AM, you wrote: j> Networking docs are on the wiki: j> http://wiki.xensource.com/xenwiki/XenNetworking j> Quite complicated though! I skimmed that but it didn''t tell me much. I''ll read it in detail... j> This doesn''t look quite right. You''re missing some entries that would j> usually appear in a default setup. Can you give me the following j> information: j> 1. Output from "brctl show" on Dom0 # brctl show bridge name bridge id STP enabled interfaces xenbr0 8000.feffffffffff no vif3.0 I tried manually adding eth0 on dom0 to the bridge, and that just broke the networking completely. j> 2. The entries for: j> (network-script ???) j> (vif-script ???) j> in your /etc/xen/xend-config.sxp Unchanged from default: (network-script network-bridge) (vif-script vif-bridge) j> 3. Entries for ''vif'' in your domain configuration files if they don''t j> just look like: j> vif = [ '''' ] Just like that - unchanged from default. j> 4. Also, can this machine still ping other machines on your network in j> it''s preset state? I only have dom0 and one domU. dom0 and domU canot ping each other. j> 5. Are you using a version of xen that came with your distro or did you j> download it yourself? And if ''distro version'', then what distro are j> you running? Distro is Centos 4.4. I downloaded the RPMs from xensource.org. On dom0: # rpm -qa | fgrep xen kernel-xen-2.6.16.33-3.0.4.1 xen-3.0.4.1-1 -- Best regards, Russell mailto:russellr@openconcepts.com.au _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hello jez and all, I *knew* it was something simple: ifconfig veth3 IPAddr up Problem solved! Strange that XEN doesn''t do this automatically when you start the guest/domU. -- Best regards, Russell mailto:russellr@openconcepts.com.au _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hi, Sorry, spoke too soon Friday, March 16, 2007, 7:10:22 AM, you wrote: RR> I *knew* it was something simple: RR> ifconfig veth3 IPAddr up This made IPAddr respond to ping, but it''s not the guest/domU. The Wiki docs don''t seem to be correct....missing lots of information and my dom0 doesn''t have a peth0 interface created by the bridge, as described (is that the problem)? -- Best regards, Russell mailto:russellr@openconcepts.com.au _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Thu, Mar 15, 2007 at 09:43:45PM +1100, Russell Robinson wrote:> > According to the rather limited documentation, keeping most of the > networking configuration at default is supposed to "just work". >Networking docs are on the wiki: http://wiki.xensource.com/xenwiki/XenNetworking Quite complicated though!> And this is what the host has: > > # ifconfig > eth0 Link encap:Ethernet HWaddr 00:16:EC:C5:68:B2 > inet addr:69.46.20.224 Bcast:69.46.20.255 Mask:255.255.255.0 > inet6 addr: fe80::216:ecff:fec5:68b2/64 Scope:Link > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:706852 errors:0 dropped:37 overruns:0 frame:0 > TX packets:70372 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:48400504 (46.1 MiB) TX bytes:57996195 (55.3 MiB) > Interrupt:18 Base address:0xe800 > > eth0:0 Link encap:Ethernet HWaddr 00:16:EC:C5:68:B2 > inet addr:69.46.20.225 Bcast:69.46.20.255 Mask:255.255.255.0 > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > Interrupt:18 Base address:0xe800 > > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > inet6 addr: ::1/128 Scope:Host > UP LOOPBACK RUNNING MTU:16436 Metric:1 > RX packets:1708 errors:0 dropped:0 overruns:0 frame:0 > TX packets:1708 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:191483 (186.9 KiB) TX bytes:191483 (186.9 KiB) > > vif3.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF > inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link > UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 > RX packets:414 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:32 > RX bytes:12096 (11.8 KiB) TX bytes:0 (0.0 b) > > xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF > inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link > UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 > RX packets:456 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:13608 (13.2 KiB) TX bytes:0 (0.0 b) >This doesn''t look quite right. You''re missing some entries that would usually appear in a default setup. Can you give me the following information: 1. Output from "brctl show" on Dom0 2. The entries for: (network-script ???) (vif-script ???) in your /etc/xen/xend-config.sxp 3. Entries for ''vif'' in your domain configuration files if they don''t just look like: vif = [ '''' ] 4. Also, can this machine still ping other machines on your network in it''s preset state? 5. Are you using a version of xen that came with your distro or did you download it yourself? And if ''distro version'', then what distro are you running? _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Fri, Mar 16, 2007 at 07:31:40AM +1100, Russell Robinson wrote:> Hi, > > Sorry, spoke too soon > > Friday, March 16, 2007, 7:10:22 AM, you wrote: > RR> I *knew* it was something simple: > RR> ifconfig veth3 IPAddr up > > This made IPAddr respond to ping, but it''s not the guest/domU. > > The Wiki docs don''t seem to be correct....missing lots of information > and my dom0 doesn''t have a peth0 interface created by the bridge, as > described (is that the problem)? >Yeah, I was just prep''ing a reply to tell you not to get too excited. A working bridge configuration for you should look like: $ brctl show bridge name bridge id STP enabled interfaces xenbr0 8000.feffffffffff no vif0.0 peth0 vif3.0 At the moment it appears that the xen network-bridge script was very unsuccessful in putting your eth0 interface onto the bridge. Can you check the xen logfiles as well of the syslog to see if there is any indication of why this failed. My initial gut feeling was that it was because you were using aliases (ie you have an interface called eth0:0). I recommend that you take down that eth0:0 interface and try again. However, I must note that I did a quick experiment here involving aliases and the xen scripts still worked (though eth0:0 was changed to eth0:2). Utlimately you will be better off using "ip addr add" to add additional ip addresses to your interfaces rather than using old-style aliases - but this probably won''t solve all your problems here unfortunatly. Let us know how you get on searching the logs, and trying again without eth0:0. Also, if you are running iptables this is going to get in the way of any tests you conduct - so watch out for this. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hello, Friday, March 16, 2007, 8:59:35 AM, you wrote: j> On Fri, Mar 16, 2007 at 07:31:40AM +1100, Russell Robinson wrote:>> Hi, >> >> Sorry, spoke too soon >> >> Friday, March 16, 2007, 7:10:22 AM, you wrote: >> RR> I *knew* it was something simple: >> RR> ifconfig veth3 IPAddr up >> >> This made IPAddr respond to ping, but it''s not the guest/domU. >> >> The Wiki docs don''t seem to be correct....missing lots of information >> and my dom0 doesn''t have a peth0 interface created by the bridge, as >> described (is that the problem)? >>j> Yeah, I was just prep''ing a reply to tell you not to get too excited. j> A working bridge configuration for you should look like: j> $ brctl show j> bridge name bridge id STP enabled interfaces j> xenbr0 8000.feffffffffff no vif0.0 j> peth0 j> vif3.0 j> At the moment it appears that the xen network-bridge script was j> very unsuccessful in putting your eth0 interface onto the bridge. j> Can you check the xen logfiles as well of the syslog to see if there is j> any indication of why this failed. j> My initial gut feeling was that it was because you were using aliases j> (ie you have an interface called eth0:0). I recommend that you take down j> that eth0:0 interface and try again. OK, finally got rid of the old aliasing. I briefly saw the peth0 and vif0.0 interface after doing a "service start xend". I thought, AHA! So, I switched off any IPTABLES stuff and rebooted dom0. No peth0 or vif0.0. Also, "service start xend" says nothing and "xend status" says nothing either. /var/log/xen/xend.log has this: [2007-03-16 09:30:48 xend 6160] WARNING (XendAuthSessions:27) python-pam is requ ired for XenAPI support. Warning doesn''t sound fatal, and a package called "python-pam" does not exist anywhere on the internet (well, it''s referenced as ancient). Is this the problem? xend.log also has this from the boot process: [2007-03-16 09:25:38 xend 5208] WARNING (XendAuthSessions:27) python-pam is required for XenAPI support. [2007-03-16 09:25:38 xend 5239] INFO (SrvDaemon:322) Xend Daemon started [2007-03-16 09:25:38 xend 5239] INFO (SrvDaemon:326) Xend changeset: unavailable. [2007-03-16 09:25:38 xend 5239] INFO (SrvDaemon:333) Xend version: Unknown. [2007-03-16 09:25:38 xend.XendDomainInfo 5239] INFO (XendDomainInfo:135) Recreating domain 0, UUID 00000000-0000-0000-0000-000000000000. at /local/domain/0 [2007-03-16 09:25:38 xend.XendDomainInfo 5239] WARNING (XendDomainInfo:149) /local/domain/0/vm is missing. recreate is confused, trying our best to recover This doesn''t look good, but who knows what it means? Nothing should be this hard....it makes Microsoft look good (which is almost impossible). -- Best regards, Russell mailto:russellr@openconcepts.com.au _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hello, Properly solved this time.....I hope! The problem is the python-pam package. It''s not called "python-pam", it''s caled PyPAM. You cannot get it from Centos yum repositories. I got it from here: http://www.math.ohiou.edu/pub/casit/pykota/el4/i386/PyPAM-0.4.2-3.el4.mrh.i386.rpm Now for the rhetorical questions to air my extreme annoyance and this... Why wouldn''t the XENSOURCE RPM packages for Centos have a dependency for Python PAM????? That''s one of the purposes of RPM. Why wouldn''t XENSOURCE include Python PAM in the downloads????? Why isn''t there any documentation about this? Why do the logs say "WARNING" about python-pam missing instead of "SERIOUS FATAL ERROR THAT WILL PREVENT XEN NETWORKING FROM WORKING!!!!" ?????? I am the *only* person in the history of the universe to run OpenSource XEN on Centos 4.4? Arrrrggghhhhhh!!!!!! Thanks HEAPS to jez for holding my hand during this labourious task. I sure hope these posts help someone else and prevent them wasting the 10 hours it''s cost me! -- Best regards, Russell mailto:russellr@openconcepts.com.au _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
> OK, finally got rid of the old aliasing. > > I briefly saw the peth0 and vif0.0 interface after doing a "service > start xend". > > I thought, AHA! So, I switched off any IPTABLES stuff and rebooted > dom0.Rebooting should wipe those out until you start xend again. They don''t persist over reboots.> No peth0 or vif0.0.Keep in mind that the basic setup actually creates some of these interfaces by renaming existing ones. You''ll usually have something like this: eth0 Then you load the netback driver (if its modularized, otherwise it''s always there) and you see: eth0 veth0 vif0.0 Then you start xend and see: eth0 peth0 xenbr0 vif0.0 Essentially the veth0 and vif0.0 devices are two ends of the same pipe. It''s used to make a fake eth0 that plugs into the software ethernet bridge (xenbr0). peth0 is just the real eth0 renamed. The actual dance goes like this (I may have the order a bit mixed up): State: eth0 (physical device), veth0 (virtual domain side), vif0.0 (virtual switch side) 1. Create bridge xenbr0. State: eth0 (physical device), veth0 (virtual domain side), vif0.0 (virtual switch side), xenbr0 (magical management interface for bridge) 2. Plug vif0.0 into xenbr0 State: nothing visibly different 3. Rename eth0 to peth0 and veth0 to eth0 (pull a switcheroo) State: eth0 (virtual device), peth0 (physical device), vif0.0 (virtual switch side, plugged in), xenbr0 (bridge interface) 4. Move MAC Address, IPs, Routes, etc from peth0 to eth0 5. Plug peth0 into xenbr0 At this point, you have a virtual switch, with a loopback plugged into it and the physical interface plugged into it. All of your logical network configuration has been moved to the other end of the loopback. As domains are added, the end of their network device on this side (vifM.N where M is the domain and N is ethN inside of the domain) is plugged into that same switch. This is a lot of magic and a lot can go wrong. I don''t know if this will help you solve your particular issue or not.> Warning doesn''t sound fatal, and a package called "python-pam" does > not exist anywhere on the internet (well, it''s referenced as ancient).I''m not sure if this is a problem.> Nothing should be this hard....it makes Microsoft look good (which is > almost impossible).Please don''t say things like that. It makes people like me not want to take the time to help you. I mean this in the nicest possible way. I recommend the little squishy stress balls for expressing frustration. If you need some one-on-one and can make a phone call (or may a conference over iChat) to the US, contact me off list and I can probably help. -- Jayson Vantuyl Systems Architect Engine Yard jvantuyl@engineyard.com _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Fri, Mar 16, 2007 at 09:39:02AM +1100, Russell Robinson wrote:> > Nothing should be this hard....it makes Microsoft look good (which is > almost impossible). >Trust me Russell - saying stuff like that is definitly not going to help you cause here. If you said that in your first post, we wouldn''t even be having this conversation. I''ll get back to once I''ve processed your feedback. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hello Jayson, Friday, March 16, 2007, 10:29:07 AM, you wrote: > Essentially the veth0 and vif0.0 devices are two ends of the same pipe. It''s used to make a fake eth0 that plugs into the software ethernet bridge (xenbr0). peth0 is just the real eth0 renamed. The actual dance goes like this (I may have the order a bit mixed up): Thanks for the description. It really helps. Can this description go into http://wiki.xensource.com/xenwiki/XenNetworking ? That page is actually quite misleading at times, as it stands. > Nothing should be this hard....it makes Microsoft look good (which is almost impossible). Please don''t say things like that. It makes people like me not want to take the time to help you. I mean this in the nicest possible way. I recommend the little squishy stress balls for expressing frustration. You''re right. I should have kept it clean. No one on this list is responsible for the omissions of the Xen developers, who are probably doing a pretty good job. I think I just got unlucky. Whether the comment was justified or not is beside the point. > If you need some one-on-one and can make a phone call (or may a conference over iChat) to the US, contact me off list and I can probably help. Thanks for the generous offer, however, the problem is now solved. Hopefully, the last such problem! -- Best regards, Russell mailto:russellr@openconcepts.com.au _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Fri, Mar 16, 2007 at 09:58:05AM +1100, Russell Robinson wrote:> > Properly solved this time.....I hope! >Great, well done!><rant status="censored"/>> > Thanks HEAPS to jez for holding my hand during this labourious task. >For the record, I distance myself completely from the previous rant. The real solution, as those with clue amongst you will know, is to to use Debian. :-) _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users