thr3ads.net - Xen users - [Xen-users] networking problem with xen [May 2006]

If this information is useful, please help other people find it:
Share via:

Nick Woolley

2006-May-22 20:24 UTC

[Xen-users] networking problem with xen

Hello,

I have been testing xen for a few days now, and things seem to be working
almost fine.

However, I am having seriously annoying problems with my networking setup.
On both dom0 and any domU I don’t seem to be able to resolve hostnames.  I
know it is definitely caused by xen and not some other networking related
issue as if I disable xend on bootup, nslookup resolutions and pings to
hosts lookup fine.

I can ping to ip addresses fine both locally and on the internet fine, just
not resolve hostnames.  

My ifconfig output on dom0 gives the following:

eth0      Link encap:Ethernet  HWaddr 00:E0:18:B5:96:2E  
          inet addr:192.168.1.50  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::2e0:18ff:feb5:962e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1084 (1.0 KiB)  TX bytes:1118 (1.0 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:560 (560.0 b)  TX bytes:560 (560.0 b)

peth0     Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF  
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:133 errors:0 dropped:0 overruns:0 frame:0
          TX packets:135 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:18299 (17.8 KiB)  TX bytes:14960 (14.6 KiB)
          Interrupt:18 

vif0.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF  
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:15 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1118 (1.0 KiB)  TX bytes:1470 (1.4 KiB)

xenbr0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF  
          inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:11 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:524 (524.0 b)  TX bytes:468 (468.0 b)

And if I enable virtual domains vif1.0 enables fine.  I also have the bridge
setup correctly I believe through:

bridge name     bridge id               STP enabled     interfaces
xenbr0          8000.feffffffffff       no              peth0
                                                        vif0.0
iptables is running with the following:

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            icmp any 
ACCEPT     ipv6-crypt--  anywhere             anywhere            
ACCEPT     ipv6-auth--  anywhere             anywhere            
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:5353 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp 
ACCEPT     all  --  anywhere             anywhere            state
RELATED,ESTABLISHED 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp
dpt:ssh 
REJECT     all  --  anywhere             anywhere            reject-with
icmp-host-prohibited

As I say, pings are fine, just network name resolutions.  I have tried using
ethtool to do the following:

ethtool -K peth0 tx off

as suggested by one other member on the mailing list but this didn''t
work
either.

I am at the end of the line in terms of ideas - it seems such a
frustratingly annoying problem and I believe I am so close!

Any help very much appreciated!

Nick

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.392 / Virus Database: 268.7.0/345 - Release Date: 22/05/2006
 


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Stephen Yum

2006-May-23 10:34 UTC

head link

Re: [Xen-users] networking problem with xen

Maybe I haven''t looked hard enough, but is your dom0 allowing port 53  
to get through in your iptables rules?
Have you tried turning off iptables on dom0 and seeing if that works?

S


On May 22, 2006, at 1:24 PM, Nick Woolley wrote:
> Hello,
>
> I have been testing xen for a few days now, and things seem to be  
> working
> almost fine.
>
> However, I am having seriously annoying problems with my networking  
> setup.
> On both dom0 and any domU I don’t seem to be able to resolve  
> hostnames.  I
> know it is definitely caused by xen and not some other networking  
> related
> issue as if I disable xend on bootup, nslookup resolutions and  
> pings to
> hosts lookup fine.
>
> I can ping to ip addresses fine both locally and on the internet  
> fine, just
> not resolve hostnames.
>
> My ifconfig output on dom0 gives the following:
>
> eth0      Link encap:Ethernet  HWaddr 00:E0:18:B5:96:2E
>           inet addr:192.168.1.50  Bcast:192.168.1.255  Mask: 
> 255.255.255.0
>           inet6 addr: fe80::2e0:18ff:feb5:962e/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:13 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:1084 (1.0 KiB)  TX bytes:1118 (1.0 KiB)
>
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:8 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:560 (560.0 b)  TX bytes:560 (560.0 b)
>
> peth0     Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
>           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
>           UP BROADCAST RUNNING NOARP MULTICAST  MTU:1500  Metric:1
>           RX packets:133 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:135 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:18299 (17.8 KiB)  TX bytes:14960 (14.6 KiB)
>           Interrupt:18
>
> vif0.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
>           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:15 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:1118 (1.0 KiB)  TX bytes:1470 (1.4 KiB)
>
> xenbr0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
>           inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:11 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:524 (524.0 b)  TX bytes:468 (468.0 b)
>
> And if I enable virtual domains vif1.0 enables fine.  I also have  
> the bridge
> setup correctly I believe through:
>
> bridge name     bridge id               STP enabled     interfaces
> xenbr0          8000.feffffffffff       no              peth0
>                                                         vif0.0
> iptables is running with the following:
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
>
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain RH-Firewall-1-INPUT (2 references)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
> ACCEPT     icmp --  anywhere             anywhere            icmp any
> ACCEPT     ipv6-crypt--  anywhere             anywhere
> ACCEPT     ipv6-auth--  anywhere             anywhere
> ACCEPT     udp  --  anywhere             224.0.0.251         udp  
> dpt:5353
> ACCEPT     udp  --  anywhere             anywhere            udp  
> dpt:ipp
> ACCEPT     all  --  anywhere             anywhere            state
> RELATED,ESTABLISHED
> ACCEPT     tcp  --  anywhere             anywhere            state  
> NEW tcp
> dpt:ssh
> REJECT     all  --  anywhere             anywhere            reject- 
> with
> icmp-host-prohibited
>
> As I say, pings are fine, just network name resolutions.  I have  
> tried using
> ethtool to do the following:
>
> ethtool -K peth0 tx off
>
> as suggested by one other member on the mailing list but this  
> didn''t work
> either.
>
> I am at the end of the line in terms of ideas - it seems such a
> frustratingly annoying problem and I believe I am so close!
>
> Any help very much appreciated!
>
> Nick
>
> -- 
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.1.392 / Virus Database: 268.7.0/345 - Release Date:  
> 22/05/2006
>
>
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@lists.xensource.com
> http://lists.xensource.com/xen-users

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Julius Spencer

2006-May-23 21:18 UTC

head link

Re: [Xen-users] networking problem with xen

Hi Nick,

This looks very like the the issue I''m having are you using CentOS 4.3 
with a source compile of xen 3.0.2-2?

Cheers,
Julius.

Nick Woolley wrote:> Hello,
> 
> I have been testing xen for a few days now, and things seem to be working
> almost fine.
> 
> However, I am having seriously annoying problems with my networking setup.
> On both dom0 and any domU I don’t seem to be able to resolve hostnames.  I
> know it is definitely caused by xen and not some other networking related
> issue as if I disable xend on bootup, nslookup resolutions and pings to
> hosts lookup fine.
> 
> I can ping to ip addresses fine both locally and on the internet fine, just
> not resolve hostnames.  
> 
> My ifconfig output on dom0 gives the following:
> 
> eth0      Link encap:Ethernet  HWaddr 00:E0:18:B5:96:2E  
>           inet addr:192.168.1.50  Bcast:192.168.1.255  Mask:255.255.255.0
>           inet6 addr: fe80::2e0:18ff:feb5:962e/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:13 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0 
>           RX bytes:1084 (1.0 KiB)  TX bytes:1118 (1.0 KiB)
> 
> lo        Link encap:Local Loopback  
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:8 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0 
>           RX bytes:560 (560.0 b)  TX bytes:560 (560.0 b)
> 
> peth0     Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF  
>           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
>           UP BROADCAST RUNNING NOARP MULTICAST  MTU:1500  Metric:1
>           RX packets:133 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:135 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000 
>           RX bytes:18299 (17.8 KiB)  TX bytes:14960 (14.6 KiB)
>           Interrupt:18 
> 
> vif0.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF  
>           inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:15 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0 
>           RX bytes:1118 (1.0 KiB)  TX bytes:1470 (1.4 KiB)
> 
> xenbr0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF  
>           inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:11 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0 
>           RX bytes:524 (524.0 b)  TX bytes:468 (468.0 b)
> 
> And if I enable virtual domains vif1.0 enables fine.  I also have the
bridge
> setup correctly I believe through:
> 
> bridge name     bridge id               STP enabled     interfaces
> xenbr0          8000.feffffffffff       no              peth0
>                                                         vif0.0
> iptables is running with the following:
> 
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination         
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere            
> 
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination         
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere            
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination         
> 
> Chain RH-Firewall-1-INPUT (2 references)
> target     prot opt source               destination         
> ACCEPT     all  --  anywhere             anywhere            
> ACCEPT     icmp --  anywhere             anywhere            icmp any 
> ACCEPT     ipv6-crypt--  anywhere             anywhere            
> ACCEPT     ipv6-auth--  anywhere             anywhere            
> ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:5353 
> ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp 
> ACCEPT     all  --  anywhere             anywhere            state
> RELATED,ESTABLISHED 
> ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp
> dpt:ssh 
> REJECT     all  --  anywhere             anywhere            reject-with
> icmp-host-prohibited
> 
> As I say, pings are fine, just network name resolutions.  I have tried
using
> ethtool to do the following:
> 
> ethtool -K peth0 tx off
> 
> as suggested by one other member on the mailing list but this
didn''t work
> either.
> 
> I am at the end of the line in terms of ideas - it seems such a
> frustratingly annoying problem and I believe I am so close!
> 
> Any help very much appreciated!
> 
> Nick
> 
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Xen users - May 2006 - networking problem with xen

[Xen-users] networking problem with xen

Re: [Xen-users] networking problem with xen

Re: [Xen-users] networking problem with xen