dgreen@CLEMSON.EDU
2006-Aug-27 14:01 UTC
[Fedora-xen] FC5--Xen3.0.2--dom0 and domU iptables, communication
Situation: Running a simple UDP client/server program where the client on one domU on one computer sends echo packets to another domU on another computer, server sends echoes back. They do this on a specified port (will use any port between 5000-6000). This program works on non-Xen machines in various environments, Linux and Solaris. Program just hangs on the domUs. I believe I need help with my ports to allow connections and UDP/TCP packets to go through ports 5000-6000.

--------------------------------------------
My environment:

(machine1) domU 10.0.0.1 <-> (machine1) dom0 172.16.48.252 <-> (machine2) dom0 172.16.48.253 <-> (machine1) domU 10.0.1.1

dom0s -- FC5 (2.6.17-1.2157_FC5xen0, using 512MB RAM)
domUs -- FC5 (2.6.17-1.2157_FC5xen0, using 256MB RAM)

-NAT scripts (network-nat, vif-nat) are used on bootup
-can ping and ssh between dom0 and domUs (on both machines)
-I have disabled selinux and firewall

-------------------------------------------------
My routing table on (machine1) dom0:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.1        0.0.0.0         255.255.255.255 UH    0      0        0 vif1.0
10.0.1.0        172.16.48.253   255.255.255.0   UG    0      0        0 eth0
172.16.48.0     0.0.0.0         255.255.254.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         172.16.48.1     0.0.0.0         UG    0      0        0 eth0

-------------------------------------------------
My routing table on (machine1) domU:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         10.0.0.1        0.0.0.0         UG    0      0        0 eth0

-------------------------------------------------
'iptables -L' on (machine1) dom0:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  10.0.0.1             anywhere            PHYSDEV match --physdev-in vif1.0
ACCEPT     udp  --  anywhere             anywhere            PHYSDEV match --physdev-in vif1.0 udp spt:bootpc dpt:bootps

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

------------------------------------------------
'iptables -L' on (machine1) domU:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     ipv6-crypt--  anywhere             anywhere
ACCEPT     ipv6-auth--  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

-----------------------------------
Would like domU on machine1 to have the ability to use tcp/udp over ports 5000-6000 with domU on machine2.

Sorry if the columns aren't aligned. Any help sent, thanks in advance.

Vince