thr3ads.net - Xen users - [Xen-users] Network / Xen & Suse 9.3 ... help appreciated [Aug 2005]

If this information is useful, please help other people find it:
Share via:

ervin

2005-Aug-28 18:22 UTC

[Xen-users] Network / Xen & Suse 9.3 ... help appreciated

I can create as many sub domains as I want and they work nicely but
isolated, meaning that no sub domains have access to the Internet nor
the intranet. Domain-0 is connected.

Can anyone help me with a hint .. I''m stuck / pls see relevant details
below

best regards  ev 

I use Xen with suse 9.3 as domain-0 & sub domains. Firewalls are disabled /

----------------------------------------------------------------------------
The config file for creating my sub domain: 

kernel = "/boot/vmlinuz-2.6.11.4-20a-xen"
memory = 50
name = "suse_base"
nics = 1
disk = [''file:/xen/suse_base.img,sda1,w'']
root = "/dev/sda1"
dhcp = "dhcp"

----------------------------------------------------------------------------
xm list of my environment: 

Name              Id  Mem(MB)  CPU  State  Time(s)  Console
Domain-0           0      150    0  r----   9662.2
suse_base          5       50    0  -b---     16.4    9605

----------------------------------------------------------------------------

This is the ifconfig from Domain-0 ... 1 sub domain is created 

eth0      Link encap:Ethernet  HWaddr 00:50:FC:74:5B:A1
          inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::250:fcff:fe74:5ba1/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5739 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1314 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:809120 (790.1 Kb)  TX bytes:196770 (192.1 Kb)
          Interrupt:10 Base address:0xc000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:14661 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14661 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1291266 (1.2 Mb)  TX bytes:1291266 (1.2 Mb)

vif5.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:5 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

xen-br0   Link encap:Ethernet  HWaddr 00:50:FC:74:5B:A1
          inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.255
          inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5627 errors:0 dropped:0 overruns:0 frame:0
          TX packets:783 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:716470 (699.6 Kb)  TX bytes:131986 (128.8 Kb)
----------------------------------------------------------------------------

This is the ifconfig from the sub domain:

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:4 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:260 (260.0 b)  TX bytes:260 (260.0 b)
----------------------------------------------------------------------------

When I use "network start" in /etc/xen/scripts in the sub domain, I
get this:

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:4 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:260 (260.0 b)  TX bytes:260 (260.0 b)

xen-br0   Link encap:Ethernet  HWaddr AA:00:00:79:FD:C9
          inet6 addr: fe80::a800:ff:fe79:fdc9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:320 (320.0 b)

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Robbie Dinn

2005-Aug-29 17:54 UTC

head link

Re: [Xen-users] Network / Xen & Suse 9.3 ... help appreciated

ervin wrote:> I can create as many sub domains as I want and they work nicely but
> isolated, meaning that no sub domains have access to the Internet nor
> the intranet. Domain-0 is connected.
> 
[snip]>
----------------------------------------------------------------------------
> The config file for creating my sub domain: 
> 
> kernel = "/boot/vmlinuz-2.6.11.4-20a-xen"
> memory = 50
> name = "suse_base"
> nics = 1
> disk = [''file:/xen/suse_base.img,sda1,w'']
> root = "/dev/sda1"
> dhcp = "dhcp"
> 
>
----------------------------------------------------------------------------
Do you have a vif line in your config file above?
something like:

   vif = [ ''mac=aa:00:xx:yy:zz:ww, bridge=xen-br0'' ]

where you want to change the xx, yy, zz and ww to
some random values (so there is a good chance they
don''t clash with another machine.

I believe this sets the ethernet MAC address for the
virtual ethernet interface inside the DomU domain
("suse_base" in your case). It may only be a virtual
ethernet interface rather that physical one but it
still has to have a MAC address.

Hope that helps.

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Damjan Rems

2005-Aug-30 07:02 UTC

head link

Re: [Xen-users] Network / Xen & Suse 9.3 ... help appreciated

My SUSE XEN experience so far. Unfortunatly I lost
lots of time learning iptables. And I have failed ;-(

Turn off SUSE firewall. It doesn''t allow comunications
beetween domains. 

With firewall off you have another problem. Security.
I  gave up learning iptables and downloaded fwbuilder
with which I was able to set secure firewall rules (I
hope). fwbuilder is realy simple once you understand
how it works.

I have attached file to start my xen domains. I am no
Linux expert so I may have spoiled some settings but I
have experimented a lot and this now works for me. On
each domain I also run this script:

ifconfig eth0 192.168.1.22x
route add default gw 192.168.1.1 eth0

Now I have:
dom0 ip:192.168.1.220
dom1 ip:192.168.1.221
dom2 ip:192.168.1.222
and I can access internet from all of my domains.

I hope it helps

by

TheR



__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Xen users - Aug 2005 - Network / Xen & Suse 9.3 ... help appreciated

[Xen-users] Network / Xen & Suse 9.3 ... help appreciated

Re: [Xen-users] Network / Xen & Suse 9.3 ... help appreciated

Re: [Xen-users] Network / Xen & Suse 9.3 ... help appreciated