In order to make xend a bit more flexible about what it does with networking, would it be possible to have it just call out scripts like pppd (on debian at least) does. The idea would be /etc/xend/netup.d and /etc/xend/netdown.d directories in which scripts are called with ''runparts'' when a network interface on a domain starts or stops (or similar hooks). To be useful the scripts would need at least the following args passed in: vmid - id of vm index - network interface no netif - eg vif1.3 name - name of vm I know very little about python, but a fair bit about linux systems programming in general and so would be happy to tackle this myself unless it''s already in progress or is a stupid idea... Thanks James ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
I''m just looking at this now. I think that to do this I need to comment out anything bridge related in linux-2.4.26-xen-sparse/arch/xen/drivers/netif/backend/interface.c so that xen doesn''t do any bridging stuff, and then hook into xend so that it can call my scripts when the netif_fe_interface_status_changed events occur. It''s the second bit I''m having trouble with... where should that hook into? I can see where xend might sends such events... maybe it doesn''t have visibility to receiving them??? By taking the bridge stuff out of xen and putting it all in userland, it means that we can route packets or bridge interfaces or completely isolate them if desired. My reasons for doing it is that my server has 3 network cards, but any domain is only going to connect to 1 or 2 of them, but not necessarily the same 1 or 2 as other domains. Any suggestions? Thanks James> -----Original Message----- > From: xen-devel-admin@lists.sourceforge.net [mailto:xen-devel- > admin@lists.sourceforge.net] On Behalf Of James Harper > Sent: Tuesday, 22 June 2004 20:43 > To: xen-devel@lists.sourceforge.net > Subject: [Xen-devel] network idea > > In order to make xend a bit more flexible about what it does with > networking, would it be possible to have it just call out scripts like > pppd (on debian at least) does. > > The idea would be /etc/xend/netup.d and /etc/xend/netdown.ddirectories> in which scripts are called with ''runparts'' when a network interfaceon> a domain starts or stops (or similar hooks). To be useful the scripts > would need at least the following args passed in: > vmid - id of vm > index - network interface no > netif - eg vif1.3 > name - name of vm > > I know very little about python, but a fair bit about linux systems > programming in general and so would be happy to tackle this myself > unless it''s already in progress or is a stupid idea... > > Thanks > > James > > > > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > digital self defense, top technical experts, no vendor pitches, > unmatched networking opportunities. Visit www.blackhat.com > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/xen-devel------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
> I''m just looking at this now. I think that to do this I need to comment > out anything bridge related in > linux-2.4.26-xen-sparse/arch/xen/drivers/netif/backend/interface.c > so that xen doesn''t do any bridging stuff, and then hook into xend so > that it can call my scripts when the netif_fe_interface_status_changed > events occur. It''s the second bit I''m having trouble with... where > should that hook into? I can see where xend might sends such events... > maybe it doesn''t have visibility to receiving them???Xend will certainly see these messages, and it also has an event server for notifying interested parties when noteworthy events occur. Probably something ought to be hooked via that --- Mike Wray at HP will know more, since he wrote it. :-) -- Keir ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
> I''m just looking at this now. I think that to do this I need to comment > out anything bridge related in > linux-2.4.26-xen-sparse/arch/xen/drivers/netif/backend/interface.c > so that xen doesn''t do any bridging stuff, and then hook into xend so > that it can call my scripts when the netif_fe_interface_status_changed > events occur. It''s the second bit I''m having trouble with... where > should that hook into? I can see where xend might sends such events... > maybe it doesn''t have visibility to receiving them???James, The bridge stuff should be moving out of backend/interface.c and into a xend invoked script any day now -- stay tuned ;-)> By taking the bridge stuff out of xen and putting it all in userland, it > means that we can route packets or bridge interfaces or completely > isolate them if desired. My reasons for doing it is that my server has 3 > network cards, but any domain is only going to connect to 1 or 2 of > them, but not necessarily the same 1 or 2 as other domains.We need to put our thinking caps on and figure out how we want domain bridging/networking/firewalling to work from a control software point of view, particularly with respect to domain migration and such like. Ian> Any suggestions? > > Thanks > > James > > > -----Original Message----- > > From: xen-devel-admin@lists.sourceforge.net [mailto:xen-devel- > > admin@lists.sourceforge.net] On Behalf Of James Harper > > Sent: Tuesday, 22 June 2004 20:43 > > To: xen-devel@lists.sourceforge.net > > Subject: [Xen-devel] network idea > > > > In order to make xend a bit more flexible about what it does with > > networking, would it be possible to have it just call out scripts like > > pppd (on debian at least) does. > > > > The idea would be /etc/xend/netup.d and /etc/xend/netdown.d > directories > > in which scripts are called with ''runparts'' when a network interface > on > > a domain starts or stops (or similar hooks). To be useful the scripts > > would need at least the following args passed in: > > vmid - id of vm > > index - network interface no > > netif - eg vif1.3 > > name - name of vm > > > > I know very little about python, but a fair bit about linux systems > > programming in general and so would be happy to tackle this myself > > unless it''s already in progress or is a stupid idea... > > > > Thanks > > > > James > > > > > > > > ------------------------------------------------------- > > This SF.Net email sponsored by Black Hat Briefings & Training. > > Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > > digital self defense, top technical experts, no vendor pitches, > > unmatched networking opportunities. Visit www.blackhat.com > > _______________________________________________ > > Xen-devel mailing list > > Xen-devel@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/xen-devel > > > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > digital self defense, top technical experts, no vendor pitches, > unmatched networking opportunities. Visit www.blackhat.com > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/xen-devel-=- MIME -=- I''m just looking at this now. I think that to do this I need to comment out anything bridge related in linux-2.4.26-xen-sparse/arch/xen/drivers/netif/backend/interface.c so that xen doesn''t do any bridging stuff, and then hook into xend so that it can call my scripts when the netif_fe_interface_status_changed events occur. It''s the second bit I''m having trouble with... where should that hook into? I can see where xend might sends such events... maybe it doesn''t have visibility to receiving them??? By taking the bridge stuff out of xen and putting it all in userland, it means that we can route packets or bridge interfaces or completely isolate them if desired. My reasons for doing it is that my server has 3 network cards, but any domain is only going to connect to 1 or 2 of them, but not necessarily the same 1 or 2 as other domains. Any suggestions? Thanks James> -----Original Message----- > From: xen-devel-admin@lists.sourceforge.net [mailto:xen-devel- > admin@lists.sourceforge.net] On Behalf Of James Harper > Sent: Tuesday, 22 June 2004 20:43 > To: xen-devel@lists.sourceforge.net > Subject: [Xen-devel] network idea >=20 > In order to make xend a bit more flexible about what it does with > networking, would it be possible to have it just call out scripts like > pppd (on debian at least) does. >=20 > The idea would be /etc/xend/netup.d and /etc/xend/netdown.ddirectories> in which scripts are called with ''runparts'' when a network interfaceon> a domain starts or stops (or similar hooks). To be useful the scripts > would need at least the following args passed in: > vmid - id of vm > index - network interface no > netif - eg vif1.3 > name - name of vm >=20 > I know very little about python, but a fair bit about linux systems > programming in general and so would be happy to tackle this myself > unless it''s already in progress or is a stupid idea... >=20 > Thanks >=20 > James >=20 >=20 >=20 > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > digital self defense, top technical experts, no vendor pitches, > unmatched networking opportunities. Visit www.blackhat.com > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/xen-devel------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
On Tue, 22 Jun 2004 15:13:25 +0100 Ian Pratt <Ian.Pratt@cl.cam.ac.uk> wrote:> We need to put our thinking caps on and figure out how we want > domain bridging/networking/firewalling to work from a control > software point of view, particularly with respect to domain > migration and such like. > > IanI am experimenting with using VNET servers running in domain 0. VNET can "foist" network interfaces at the MAC level onto other networks (if there is another VNET server on the target subnet). The NIC appears at the same exact place as one of the other VNET server''s host''s interfaces as a real NIC. The IP administration is out of the scope of VNET and so it can be dealt with any way. Domains can appear on other domain0 private subnets but also as first class members on the network that the other VNET server is running on. The aim is for VMs to migrate but keep the same IPs. So as the VM migrates, the "Proxy" VNET server (sitting with another proxy server forming a VLAN) stays the same but the "Host" VNET server will be on a new resource. http://www.cs.northwestern.edu/~plab/Virtuoso/ ("Codes" section) This paper explains much more than the readme: http://www.cs.northwestern.edu/~plab/Virtuoso/usenix-vm04-vnet.pdf Tim p.s. As far as firewalling, here is a quote from the vnet paper linked to above: "A VNET client wishing to establish a handler between two VNET servers can contact either one. This is convenient, because if only one of the VNET servers is behind a NAT firewall, it can initiate the handler with an outgoing connection through the firewall. If the client is on the same network as the firewall, VNET then requires only that a single port be open on the other site''s firewall. If it is not, then both sites need to allow a single port through. If the desired port is not permitted through, there are two options. First, the VNET servers can be configured to use a common port. Second, if only SSH connections are possible, VNET''s TCP connection can be tunneled through SSH." ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
What are the general plans for migration and bridging? I''m new to Xen, maybe this has been covered, sorry if it has. Is the plan to have the new xend talk to other xend''s on other resources? Thanks, Tim ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
Hi, I am in the beginning stage of Xen and am trying to install on a Red Hat 7.x distribution (Yes, very old but I need it to function on this dinosaur, if possible!) I am now following the CD DOCUMENTATION and copied the xen.gz & xenolinux.gz to the /boot folder. (the bootloader IS grub). When i reboot with xen (and not redhat) i get a errormessage: Can''t find file image.gz The grub.conf looks like this: default=0 timeout=10 splashimage=(hd0,0)/grub/splash.xmp.gz title Xen / Xenlinux 2.4.22 root(hd0,0) kernel /boot/image.gz dom0_mem=131072 ser_baud=115200 noht module /boot/xenolinux.gz root=/dev/sda4 no console=tty0 another DOCUMENT from Xen also used xen.gz instead for image.gz. Why is that? Need some warm up here. Thanks for all help!!! Regards Rune ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
On Tue, 2004-06-22 at 17:12, Rune Johan Andresen wrote:> Hi, I am in the beginning stage of Xen and am trying to install on a > Red Hat 7.x distribution (Yes, very old but I need it to function on > this dinosaur, if possible!) I am now following the CD DOCUMENTATION > and copied the xen.gz & xenolinux.gz to the /boot folder. (the > bootloader IS grub). > > When i reboot with xen (and not redhat) i get a errormessage: > > Can''t find file image.gz > > The grub.conf looks like this: > > default=0 > timeout=10 > splashimage=(hd0,0)/grub/splash.xmp.gz > > title Xen / Xenlinux 2.4.22 > root(hd0,0) > kernel /boot/image.gz dom0_mem=131072 ser_baud=115200 noht > module /boot/xenolinux.gz root=/dev/sda4 no console=tty0 > > > another DOCUMENT from Xen also used xen.gz instead for image.gz. Why is > that? Need some warm up here.the ''kernel'' grub is booting should be that of the Xen VMM (the module line tells xen which image to use for domain 0). If you copied the xen image of the CD and it is called xen.gz the kernel line for the grub entry should read: kernel /boot/xen.gz dom0_mem=131072 ser_baud=115200 noht Rolf> Thanks for all help!!! > > Regards > Rune > > > > > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > digital self defense, top technical experts, no vendor pitches, > unmatched networking opportunities. Visit www.blackhat.com > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/xen-devel------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
On Tue, 22 Jun 2004 18:12:50 +0200, Rune Johan Andresen <runejoha@idi.ntnu.no> wrote:> > > Hi, I am in the beginning stage of Xen and am trying to install on a > Red Hat 7.x distribution (Yes, very old but I need it to function on > this dinosaur, if possible!) I am now following the CD DOCUMENTATION > and copied the xen.gz & xenolinux.gz to the /boot folder. (the > bootloader IS grub). > > When i reboot with xen (and not redhat) i get a errormessage: > > Can''t find file image.gz > > The grub.conf looks like this: > > default=0 > timeout=10 > splashimage=(hd0,0)/grub/splash.xmp.gz > > title Xen / Xenlinux 2.4.22 > root(hd0,0) > kernel /boot/image.gz dom0_mem=131072 ser_baud=115200 nohtRune, The above line should be kernel /boot/xen.gz <params>. Try that and let us know if it works. Niraj> module /boot/xenolinux.gz root=/dev/sda4 no console=tty0 > > another DOCUMENT from Xen also used xen.gz instead for image.gz. Why is > that? Need some warm up here. > > Thanks for all help!!! > > Regards > Rune > > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > digital self defense, top technical experts, no vendor pitches, > unmatched networking opportunities. Visit www.blackhat.com > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/xen-devel >------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
> What are the general plans for migration and bridging? > > I''m new to Xen, maybe this has been covered, sorry if it has. Is the > plan to have the new xend talk to other xend''s on other resources?Yes. We need to get migration working again under the new control software world. A migration will involve two xend''s talking to each other and transferring the domain''s IO configuration as well as its memory image, registers etc. Hopefully this will be re-integrated within the next week. Ian ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
Thankyou for responding. When you say IO configuration, do you mean networking as well? What will happen to the IPs of the domains? Will we manually reassign once migrated? Thanks! Tim On Tue, 22 Jun 2004 17:51:30 +0100 Ian Pratt <Ian.Pratt@cl.cam.ac.uk> wrote:> > What are the general plans for migration and bridging? > > > > I''m new to Xen, maybe this has been covered, sorry if it has. Is the > > plan to have the new xend talk to other xend''s on other resources? > > Yes. We need to get migration working again under the new control > software world. A migration will involve two xend''s talking to > each other and transferring the domain''s IO configuration as well > as its memory image, registers etc. > > Hopefully this will be re-integrated within the next week. > > Ian >------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
> Thankyou for responding. When you say IO configuration, do you mean > networking as well? What will happen to the IPs of the domains? Will we > manually reassign once migrated?Our focus has been on migration within a cluster (same subnet) hence the IP can be retained and either the MAC address migrated too, or other people''s ARP caches updated via an unsolicited broadcast ARP Reply. Cross subnet migration is more tricky. You either need to tunnel packets, or change the domain''s IP. The latter is likely to be bad news for any open connections, but is achievable using the same mechanisms that laptops use for re-DHCPing when coming out of suspend. The resume code in arch/xen/kernel/setup.c could easily fake out an APM power resumed event that would then propagate to the appropriate user space daemons. Ian ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel