similar to: [SPAM] Xen bridge network issue

Problem still not solved, or any idea whats wrong. here are some msgs: device vif1.0 entered promiscuous mode alloc irq_desc for 1246 on node 0 alloc kstat_irqs on node 0 brI: port 2(vif1.0) entering learning state device vif1.1 entered promiscuous mode brE: port 2(vif1.1) entering learning state physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for

Hi, I'm not sure but I think I suffer under the same problem with a bit different setup with squeeze testing and xen 4.0rc5. In fact I'm using bridges in the dom0 and the connections to the domU get lost sporadically. In don't see where's a solution to the problem... Is it now a bug? When it's an iptables bug, where's the corresponding bug in the iptables bugtracker

Hi Everyone, In order to prevent DomU from entering promiscuous mode, is it just a matter of adding these 2 rules when the vif is created? # Accept packets leaving the bridge going to the domU only if # the destination IP for that packet matches an authorized IPv4 # address for that domU. iptables -A FORWARD -m physdev --physdev-out vif1.0 \ --destination 216.146.46.43 -j ACCEPT

Hi folks, I read quite some posts about "Destination host unreachable" problems before, but none could help me to solve my issue. So here we go: This is what I am using: SUSE Linux Enterprise Desktop 10 SP1 - Current with all updates Network configuration of my dom0: foobar:~ # ip a 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd

Hi, i have problems with the network between pv-domains and the real network. I done an upgrade with apt-get in debian an now i have xen4.1 with kernel 3.2.9 first i must chance the vif-bridge script from http://nopaste.php-q.net/194087 to http://nopaste.php-q.net/194084 now i have a connection from pv to dom0 and the windows hvm, but no connection between physical network an the pv

Hi, I would like to know if somebody can point me out how to configure several DomUs in a private LAN (for example 192.168.100.0/24) and one DomU with two interfaces (one - 192.168.100.0/24 and two - internet). So far I have enabled in xend-config.sxp: (network-script network-route) (vif-script vif-route) My config files have: /mnt/VM/1.cfg:vif = [''ip=192.168.1.3'']

Hi all! After upgrading to Squeeze, I am watching a Xen VMHost that after a while it hangs. This did not happen when I was using Xen with Debian Lenny (in this case as with Squeeze, the Xen components are from Debian repositories). In each case I connected a keyboard and monitor to the computer and the screen remained black without answering any key. This problem seems to also affect domUs,

(if this post gets line-feed-mangled please read http://www.dl.reneschmidt.de/shorewallxenpost.txt - that''s an unmangled version, thank you) Hello, first I would like to thank the Mr. Eastep and contributors for this great piece of software and superb documentation. I have a SOHO server (Debian testing) that I''m using for several purposes so I''ve set up a Xen

Hi, I have only one ethernet port in a remote server. (eth0) I have a public address with x.x.x.164 netmask 255.255.255.240 gw x.x.x.161 and want to use in my guest OS the next available ip address (x.x.x.165 netmask 255.255.255.240 gw x.x.x.161) Is this posible with brctl to achieve this? I did a file called ifcfg-xenbr0 with: DEVICE=xenbr0 TYPE=Bridge BOOTPROTO=dhcp ONBOOT=yes then

Hi, I have only one ethernet port in a remote server. (eth0) I have a public address with x.x.x.164 netmask 255.255.255.240 gw x.x.x.161 and want to use in my guest OS the next available ip address (x.x.x.165 netmask 255.255.255.240 gw x.x.x.161) Is this posible with brctl to achieve this? I did a file called ifcfg-xenbr0 with: DEVICE=xenbr0 TYPE=Bridge BOOTPROTO=dhcp ONBOOT=yes then

When starting xend i see the following errors on the console. I''m running CentOS 5 as the operating system with kernel 2.6.32.18 from 4.0.1''s `make prep-kernels` Below is a log, the things i''m concerned with is the XENBUS errors and the deprecated iptables stuff. Any ideas whats going on here? ---------------------------------------------------- Bridge

Hi folks, I''ve been trying to work out this situation for a few days now without much success and dug all over the archives for similar issues, none of which seem to relate exactly. I installed Debian Etch and the Xen (3.03) kernels / binaries on a Dell server. It works fantastic with all the default configurations with one strange flaw - as soon as the /etc/xen/scripts/network-bridge

CentOS 5.5 Xen "standard" Xen Installation. I have two nics. I just put the second one to DHCP and modified the ifcfg-et01 and so far I am holding, but I am not confident. Prior they were sequential IP Addrs on same subnet. arpwatch has indicated flip flips. I can find no rhyme or reason to predict them. I know I missed I must have missed a step somewhere. I want to keep the

This patch adds an ACM hook into the network scripts (/etc/xen/scripts). It adds iptables rules that enforce mandatory access control on network packets exchanged between virtual interfaces. If ACM is active, this patch sets the default FORWARD policy in Dom0 to DROP and adds iptables ACCEPT rules between vifs that belong to domains that are permitted to share (determined by using the

Package: xen-utils-common Version: 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5 Severity: important Tags: patch security -- System Information: Debian Release: 9.4 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-6-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),

Currently using physdev on a bridge to try and isolate certain paths across and to the bridge. It all works except when trying to stop the flow in one direction on the FORWARD chain?? Can someone please help?? Below is the testing done so far. eth1 <---> BRIDGE <---> eth0 # Block (eth0 ---> eth1) - blocks both directions and not just one?? iptables -A FORWARD -m physdev

Hi folks, in 2.4 kernels, device matching for bridged packets was done with iptables -i/-o. Since 2.6, I was used to use -m physdev here. In 2.6.18, This seems to be more complicated. At least the filter/INPUT chain now doesn't match with -m physdev --physdev-in anymore, but FORWARD and OUTPUT does. I also read the note that -m phydev is now deprecated for non-bridged traffic. Does this

http://bugzilla.netfilter.org/show_bug.cgi?id=751 Summary: IPv6 bridging bug Product: iptables Version: unspecified Platform: x86_64 OS/Version: Gentoo Status: NEW Severity: normal Priority: P3 Component: ip6tables AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy: david at

Hello list, I''m using xen2.6 with a 2.6.11 kernel my config: kernel = "/boot/vmlinuz-2.6.11-xenU" memory = 1280 name = "s51" nics=1 vif = [ ''ip=82.149.232.51,mac=00:E0:81:29:71:3D'' ] disk = [ ''file:/home/xen/51/diskimage,sda1,w'', ''file:/home/xen/51/swapimage,sda2,w'',

Hello there, I''ve got a problem regarding my XEN network setup. First of all, I''ll just tell you what doesn''t work: the access to a forwarded (natted) port (e.g. port 80 http) of a dom (no matter if dom0 or domU) to the servers external ip address (from "inside") does not work (connection refused). Here''s the layout of my xen virtual network: