Greetings!
I have recently started using Xen on Debian Etch and am pretty much impressed
how well things worked out. Now I stumbled into an issue which I could not
resolve.
The situation:
1. I successfully installed dom0, and am running the Xen enabled kernel.
2. The dom0 system is connected to the web and it''s IP address is
pingable,
I can ssh into the dom0 system.
3. The dom0 system now has one hardware interface, named eth2, which is the one
connected to the web. This interface got an IP assigned from the providers
own network.
4. I do have a small 8 IP range network which from which I have configured two
IPs as eth2:1 and eth2:2.
5. eth2 and the virtual interfaces have different subnets, thus eth2 e.g. has
the address A.B.192.33, and eth2:1 is A.B.207.160, and eth2:2 is A.B.207.161.
Now I created guests and assigned eth2:1 and eth2:2 to them.
I can ping the guests IPs from the outside, and when I console into the guest
using xm console I can see it''s ifconfig showing the correct IP.
But here comes trouble: neither do packages for the assigned IP reach the guest,
nor can I reach any IP from within the guest.
I couldn''t find any solution to this issue, searched several hours on
Wiki and
google. Could anyone give me some hints what I am doing wrong?
With kind regards,
Daniel S. Reichenbach
/sbin/ifconfig with no guest running:
eth2 Link encap:Ethernet HWaddr 00:04:75:F9:95:CF
inet addr:192.168.192.33 Bcast:192.168.192.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7104 errors:0 dropped:0 overruns:1 frame:0
TX packets:739 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:482249 (470.9 KiB) TX bytes:100643 (98.2 KiB)
Interrupt:11 Base address:0xa000
eth2:0 Link encap:Ethernet HWaddr 00:04:75:F9:95:CF
inet addr:192.168.207.160 Bcast:192.168.207.168 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xa000
eth2:1 Link encap:Ethernet HWaddr 00:04:75:F9:95:CF
inet addr:192.168.207.161 Bcast:192.168.207.168 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xa000
eth2:2 Link encap:Ethernet HWaddr 00:04:75:F9:95:CF
inet addr:192.168.207.162 Bcast:192.168.207.168 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xa000
eth2:3 Link encap:Ethernet HWaddr 00:04:75:F9:95:CF
inet addr:192.168.207.163 Bcast:192.168.207.168 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xa000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:560 (560.0 b) TX bytes:560 (560.0 b)
xenbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:440 (440.0 b) TX bytes:0 (0.0 b)
/sbin/ifconfig with both guests running:
eth2 Link encap:Ethernet HWaddr 00:04:75:F9:95:CF
inet addr:192.168.192.33 Bcast:192.168.192.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7750 errors:0 dropped:0 overruns:1 frame:0
TX packets:847 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:531053 (518.6 KiB) TX bytes:116999 (114.2 KiB)
Interrupt:11 Base address:0xa000
eth2:0 Link encap:Ethernet HWaddr 00:04:75:F9:95:CF
inet addr:192.168.207.160 Bcast:192.168.207.168 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xa000
eth2:1 Link encap:Ethernet HWaddr 00:04:75:F9:95:CF
inet addr:192.168.207.161 Bcast:192.168.207.168 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xa000
eth2:2 Link encap:Ethernet HWaddr 00:04:75:F9:95:CF
inet addr:192.168.207.162 Bcast:192.168.207.168 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xa000
eth2:3 Link encap:Ethernet HWaddr 00:04:75:F9:95:CF
inet addr:192.168.207.163 Bcast:192.168.207.168 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0xa000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:560 (560.0 b) TX bytes:560 (560.0 b)
vif2.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:440 (440.0 b) TX bytes:280 (280.0 b)
vif3.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:224 (224.0 b) TX bytes:378 (378.0 b)
xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1104 (1.0 KiB) TX bytes:0 (0.0 b)
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
On 2/5/07, Daniel S. Reichenbach <daniel.s.reichenbach@mac.com> wrote:>I can ping the guests IPs from the outside, and when I console into the guest > using xm console I can see it''s ifconfig showing the correct IP. > But here comes trouble: neither do packages for the assigned IP reach the guest,The last sentence is in direct conflict to the first one. if you can ping it, packages reach the guest..> nor can I reach any IP from within the guest.So the guest is pingable from the outside, but can''t ping to the outside and get replies back?> I couldn''t find any solution to this issue, searched several hours on Wiki and > google. Could anyone give me some hints what I am doing wrong?Hi, knowing that some things are hard to explain in just three words, I still have a bit of a hard time understanding this long post. At first glance, I see all the aliases you give for eth2:X and don''t understand, what this is good for. I see you try to assign your different network segments, but I don''t understand why and what for. Another important question: do you want to use bridged, nat or routed networking? For what kind of virtual setup are you heading here - can you give us a big picture of the whole network? I also don''t understand why you don''t have an eth0 or eth1. Can you explain your hardware setup? Still, some things you might try: 1)If you use bridging, it''s possi ble that the default bridge setup does assume that vif0.0 is the dom0 interface, and tries to add this ti the bridge. If you only have eth2, and therefore vif2.0 (hmm, right?!), that might not work. Look at brctl show if all interfaces are connected to bridges correctly. 2) look with tcpdump to check on which interface your packets get lost 3) when you hook your different subnet into one pohysical bridge (which is strrange and I donät see the reason what this should bring), the you have to make sure that packet get routed somewhere, or the interfaces in the different subnets can''t connect each other. Henning _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hi again, first, I have to admit that english is not my native language, so I am having a hard time to describe such things. I will try to explain it a bit better.>So the guest is pingable from the outside, but can''t ping to the >outside and get replies back?I can ping the IP addresses, yes. I can not ping anything from inside the guest.>At first glance, I see all the aliases you give for eth2:X and don''t >understand, what this is good for. I see you try to assign your >different network segments, but I don''t understand why and what for.Perhaps I am lacking some knowledge in configuring network interfaces here? I wanted to have my network card eth2 listen to the providers IP and to the two aliases. Since I am quite new to this, I might have choosen the wrong method.>Another important question: do you want to use bridged, nat or routed >networking? For what kind of virtual setup are you heading here - can >you give us a big picture of the whole network?That''s what I am not sure off. I''ll try a little picture. eth2 (( dom0 )) eth2:1 eth2:2 (( used to host a small webserver )) (( hosting a mail server )) Now I wanted the dom0 system to redirect all packages for the IP of eth2:1 to the matching XEN guest, same for eth2:2. Again, I am new to all this, so I''m not aware, which method is the right one for me to use in such a case. If that''s just the wrong method to set things up, what''s right? Any help is very much appreciated. Feeling totally stupid on this one.> I also don''t understand why you don''t have an eth0 or eth1. Can you >explain your hardware setup?There is a eth0 and eth1 network interface available, but these are only used for local networks, eth0 is connected to a backup host, eth1 is connected to my private network.>Look at brctl show if all interfaces are connected to bridges correctly.So I ran xm create for the first guest, and after starting it, brctrl show gives bridge name bridge id STP enabled interfaces xenbr2 8000.feffffffffff no vif1.0 Now I checked if vif1.0 is really attached to my guest, and xm network-list for the domain shows Idx BE MAC Addr. handle state evt-ch tx-/rx-ring-ref BE-path 0 0 00:16:3e:43:34:ed 0 4 8 522 /523 /local/domain/0/backend/vif/1/0 If I am not totally stupid, this tells me, the virtual network interface of my guest, is attached to xenbr2, which in turn is the bridge for eth2.>3) when you hook your different subnet into one pohysical bridge >(which is strrange and I donät see the reason what this should bring),I''m not really sure, how to do this right. But I probably lack knowledge on network setups in this case. I would have to add routes in the dom0 for the guests, right? With kind regards, Daniel _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On 2/5/07, Daniel S. Reichenbach <daniel.s.reichenbach@mac.com> wrote:> Hi again, > > first, I have to admit that english is not my native language,mine neither, but we''ll manage this :)> >So the guest is pingable from the outside, but can''t ping to the > >outside and get replies back? > I can ping the IP addresses, yes. I can not ping anything from inside the guest.Sounds strange. please use tcpdump to see on which interface your packets get lost.> >At first glance, I see all the aliases you give for eth2:X and don''t > >understand, what this is good for. I see you try to assign your > >different network segments, but I don''t understand why and what for. > Perhaps I am lacking some knowledge in configuring network interfaces here? > I wanted to have my network card eth2 listen to the providers IP and to > the two aliases. Since I am quite new to this, I might have choosen the wrong > method.What is your dom0 doing with so many aliases? Should dom0 be the router for these alias networks? Or do firewalling. If so, you didn''t tell us yet, but it''s an important thing to know to understand your setup.> > >Another important question: do you want to use bridged, nat or routed > >networking? For what kind of virtual setup are you heading here - can > >you give us a big picture of the whole network? > That''s what I am not sure off. I''ll try a little picture. > > eth2 (( dom0 )) > > eth2:1 eth2:2 > (( used to host a small webserver )) (( hosting a mail server ))Why do you want to run services on dom0''s eth2:1 interface? Don''t you want to run these in domU''s? Than, I don''t see what eth2:X are needed for here. Or do you want to to destination natting on eth2 to forward everything on eth2:1''s IP adress and port 80 tom some domU.> Now I wanted the dom0 system to redirect all packages for the IP of eth2:1 > to the matching XEN guest, same for eth2:2.What is this for? If you use a bridge here, the packets get automatically to the domU. Just give the right IP to the domU''s interface, instead of eth2:1/eth2:2. BTW, this does still not tell us, which type of networking you are trying to use. Which networs-script do you have configured in xend-config.sxp?> > Again, I am new to all this, so I''m not aware, which method is the right one for > me to use in such a case. > > If that''s just the wrong method to set things up, what''s right?Depends on what you want to do. If you want dom0 to act as a firewall for the domU systems, then you need something more than a simple bridging setup, right. In the wiki the xen networking setups are explained.> Any help is very > much appreciated. Feeling totally stupid on this one. > > > I also don''t understand why you don''t have an eth0 or eth1. Can you > >explain your hardware setup? > There is a eth0 and eth1 network interface available, but these are only used > for local networks, eth0 is connected to a backup host, eth1 is connected to my > private network. > > >Look at brctl show if all interfaces are connected to bridges correctly. > So I ran xm create for the first guest, and after starting it, brctrl show gives > > bridge name bridge id STP enabled interfaces > xenbr2 8000.feffffffffff no vif1.0 > > Now I checked if vif1.0 is really attached to my guest, and xm network-list for > the domain shows > > Idx BE MAC Addr. handle state evt-ch tx-/rx-ring-ref BE-path > 0 0 00:16:3e:43:34:ed 0 4 8 522 /523 /local/domain/0/backend/vif/1/0 > > If I am not totally stupid, this tells me, the virtual network interface of > my guest, is attached to xenbr2, which in turn is the bridge for eth2.Hard to say something against that when I not want to insult you :) but: as you see, only one vif is attached to the bridge, and this is not the only belonging to dom0 I wonder how with this setup a ping can come trough to the domU from the putside, but maybe you also have some forwarding stuff...> > >3) when you hook your different subnet into one pohysical bridge > >(which is strrange and I donät see the reason what this should bring), > I''m not really sure, how to do this right. But I probably lack knowledge on > network setups in this case. > > I would have to add routes in the dom0 for the guests, right?It must not even be dom0. Could also be a domU in that is also bridged to the outer interface. But I see no use in haveing diffrent subnets in the same physical and even setup a router for them, so machine that could communicate much easier need to be routed in the same ohysical net. There could be reasons, but it sounds strange. Finally, it''s hard to tell you how to get there if you don''t know exactly where you wanna go. I''d really recommend reading he wiki pages about networking setups. Then think about your network setup, and even take a pencil and do some drawing, so yoiu are very clear which (virtual) interface should have which addresses, and how and where routing takes place between different networks. Decide if you need simple bridged networking, or routed or natted setup, and make sure you know why you are doing this and what it will bring you. If you have these, test and see how far you come, ask again here if you have further problems, and maybe show us the drawing of the setup you have done in the meantime so we get an idea of what you want to do :) Henning _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hi again,>Finally, it''s hard to tell you how to get there if you don''t know >exactly where you wanna go.I will give it another try. Been reading up on different network setups, and I used the pictures provided on the Wiki and used them as a template to draw what I am looking for. This is it: http://www.marenkay.com/wp-content/uploads/misc/XEN/networks.png What we have here, is my server, running Debian Etch, with XEN and dom0 on it. It has three network interfaces: * eth0 is connected to a backup storage system. * eth1 is connected to my private network. * eth2 is the web connection and has a public IP address. Let''s stick to the dummy IP used in my previous mail, currently using 192.168.192.33, as it''s the address block my provider uses for the rack where my system is living. I do want to run two guest systems on this server, one being dom1 which should run a small HTTP server for hosting subversion, and related tools, the second one being dom2, running a mail server. My provider has assigned a small address block from 192.168.207.160 through 192.168.207.167, so it''s a /29 network if I am not totally wrong. Now I am supposed to use these IP addresses in order to host my services. Thus I configured them as aliases for eth2. Now I would have to route to dom1 and dom2. Does that make it understandable? And even more important, does that approach make sense or is there a better solution for this? I am open to suggestions, as I am just learning all this stuff. With kind regards, Daniel _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On 2/5/07, Daniel S. Reichenbach <daniel.s.reichenbach@mac.com> wrote:> Hi again, > > >Finally, it''s hard to tell you how to get there if you don''t know > >exactly where you wanna go. > I will give it another try. Been reading up on different network setups, and I > used the pictures provided on the Wiki and used them as a template to draw what > I am looking for. > > This is it: http://www.marenkay.com/wp-content/uploads/misc/XEN/networks.png > > What we have here, is my server, running Debian Etch, with XEN and dom0 on it. > It has three network interfaces: > > * eth0 is connected to a backup storage system. > * eth1 is connected to my private network. > * eth2 is the web connection and has a public IP address. Let''s stick to the > dummy IP used in my previous mail, currently using 192.168.192.33, as it''s > the address block my provider uses for the rack where my system is living. > > I do want to run two guest systems on this server, one being dom1 which should > run a small HTTP server for hosting subversion, and related tools, the second > one being dom2, running a mail server. > > My provider has assigned a small address block from 192.168.207.160 through > 192.168.207.167, so it''s a /29 network if I am not totally wrong. Now I am > supposed to use these IP addresses in order to host my services. > > Thus I configured them as aliases for eth2. Now I would have to route to dom1 > and dom2. > > Does that make it understandable? And even more important, does that approach > make sense or is there a better solution for this?It''s getting clearer now. Now, in your image, you need to add NICs for the domU systems. And think about how to connect them to the outer world. The simplest way is, create a bridge, and hook the vif connected to dom0s eth2 in it: this is, vif0.2, I think - the first number stands for the domain id, the second for the X in ethX of the interface in this domain. Imagine theres a virtual cross-cable between vif0.2 and eth2 (I am not always exactly sure, why one cannot just connect eth2 to the bridge, but it is that way). That is done with some parameters in xend-config.sxp, I believe, but I am not sure which one right now, by default the network-bridge script will hook vif0.0(which is connected to eth0) to bridge xenbr0. after that, when defining vif-script as the default vif-script, your domU systems should automatically be hooked to the same bridge at startup. Assign the nics inside of the domU the ip addresses, and that should be it. basically, your setup will be this one: http://wiki.xensource.com/xenwiki/XenNetworking?highlight=%28networking%29#head-602e26cd4a03b992f3938fe1bea03fa0fea0ed8b But you will have peth2, eth2, vif0.2 - and you have only one NIC on dom1, but an additionaö dom2 with eth0 and vif2.0 connected to the bridge. then you directly assign the IP Adresses from you block to the eth0 NICs inside the domU systems. If you want dom0 act as a firewall, you have to go for some other, natted or routed setup. Then it gets a bit more complex, but as you asked for the simple solution, this is bridging. Henning _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hi again,>It''s getting clearer now.Phew! Lucky me.>basically, your setup will be this one: >http://wiki.xensource.com/xenwiki/XenNetworking?highlight=%28networking%29#head-602e26cd4a03b992f3938fe1bea03fa0fea0ed8b >But you will have peth2, eth2, vif0.2 - and you have only one NIC on >dom1, but an additionaö dom2 with eth0 and vif2.0 connected to the >bridge. then you directly assign the IP Adresses from you block to the >eth0 NICs inside the domU systems.Well, I think I understood that, and by reading through the 3.0 manual, I think I can make of the matching configuration for the bridge. What I am trying hard to understand is the way of properly configuring the IP addresses. I know how to get everything set up in the guest configuration, but what I didn''t understand is: Do I still add my IP addresses for the guests as alias to the interface list? I have found this article http://www.debian-administration.org/articles/360 and it describes what I wanted much better than I could. Better drawing skills obviously. The author is actually in the same situation as I am. I fear, this all will end in a newbie howto which I will have to write to pay for all the help. With kind regards, Daniel _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On 2/5/07, Daniel S. Reichenbach <daniel.s.reichenbach@mac.com> wrote: > Do I still add my IP addresses for the guests as alias to the interface list? No, nothing like that. Just as for any real machine, the only place where the domU IP Adresses appear is inside the domU in your interfaces config.> I fear, this all will end in a newbie howto which I will have to write to pay > for all the help.No fear! Check the esicting ones, try to figure out what in the xennetworking wiki pages was missing to make you understand it immediately, and help to improve it :) Have fun, Henning _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hi,>Just as for any real machine, the only place where the domU IP >Adresses appear is inside the domU in your interfaces config.and this was exactly what I didn''t get from reading the Wiki! Huge thanks for your help. Time to have lunch, then I''ll give things a fresh try. With kind regards, Daniel _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hi, I''ve been bashing my head over Xen networking for about a week now,
and I''d love to get some help from the list. I''ve read the
Wiki, the
manual, the mailing list archives, and Googled my fingers to the bone.
I''ll try to describe my problem as best as I can; if I''ve left
anything
relevant out, please let me know what you need. In a nutshell:
-The server is at a colo facility, and I have no physical access to it,
just ssh.
-I have the IP addresses A.B.94.226 through 94.230. The gateway is at
94.225.
-Dom0 is configured with A.B.94.226. I''ve only set up a single DomU,
with A.B.94.227. I''m using Xen''s bridging scripts.
-Dom0 can ping DomU. DomU can ping Dom0. Dom0 can reach the internet and
be reached by it, but DomU cannot.
DomU''s /etc/network/interfaces:
root@dom0:~# cat /etc/network/interfaces
# Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or
# /usr/share/doc/ifupdown/examples for more information.
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
# Uncomment this and configure after the system has booted for the first
time
auto eth0
iface eth0 inet static
address A.B.94.227
netmask 255.255.255.248
gateway A.B.94.225
DomU config file:
root@dom0:~# cat /etc/xen/domU
# -*- mode: python; -*-
kernel = "/boot/vmlinuz-2.6.16.29-xen"
ramdisk = "/boot/initrd.img-2.6.16-29-xen"
memory = 128
name = "domU"
vif = [''bridge=xenbr0,ip=A.B.94.227'']
disk
[''phy:/dev/xenvolume/domU,sda1,w'',''phy:/dev/xenvolume/domU-swap,sda2,w'']
netmask = "255.255.255.248"
gateway = "A.B.94.225"
hostname = "domU"
root = "/dev/sda1 ro"
Some more info from Dom0:
root@dom0:~# brctl show
bridge name bridge id STP enabled interfaces
xenbr0 8000.feffffffffff no vif0.0
peth0
vif1.0
root@dom0:~# brctl showmacs xenbr0
port no mac addr is local? ageing timer
1 00:14:85:f7:ea:67 no 0.00
2 00:19:56:5a:e9:d5 no 1.03
2 00:60:3e:0b:9c:48 no 0.00
1 fe:ff:ff:ff:ff:ff yes 0.00
dom0 xend-config.sxp:
root@dom0:~# cat /etc/xen/xend-config.sxp | grep -v "^#" | grep
"[a-z]"
(xend-relocation-server yes)
(xend-relocation-hosts-allow ''^localhost$
^localhost\\.localdomain$'')
(network-script network-bridge)
(vif-script vif-bridge)
(dom0-min-mem 196)
(dom0-cpus 0)
I tried a tcpdump on dom0 while pinging an outside-the-network host from
domU, here''s what I get:
domU:
root@domU:~# ping -c4 4.2.2.1
PING 4.2.2.1 (4.2.2.1) 56(84) bytes of data.>From A.B.94.227 icmp_seq=1 Destination Host Unreachable
>From A.B.94.227 icmp_seq=2 Destination Host Unreachable
>From A.B.94.227 icmp_seq=3 Destination Host Unreachable
>From A.B.94.227 icmp_seq=4 Destination Host Unreachable
--- 4.2.2.1 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time
3002ms
, pipe 3
root@domU:~# ping -c4 A.B.94.226
PING A.B.94.226 (A.B.94.226) 56(84) bytes of data.
64 bytes from A.B.94.226: icmp_seq=1 ttl=64 time=0.113 ms
64 bytes from A.B.94.226: icmp_seq=2 ttl=64 time=0.107 ms
64 bytes from A.B.94.226: icmp_seq=3 ttl=64 time=0.090 ms
64 bytes from A.B.94.226: icmp_seq=4 ttl=64 time=0.087 ms
--- A.B.94.226 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2997ms
rtt min/avg/max/mdev = 0.087/0.099/0.113/0.013 ms
Meanwhile in dom0:
root@dom0:~# tcpdump src host 66.254.94.227 -vv -a
tcpdump: WARNING: vif0.0: no IPv4 address assigned
tcpdump: listening on vif0.0, link-type EN10MB (Ethernet), capture size
96 bytes
14:57:36.016831 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:37.016795 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:38.016804 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:39.026781 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:40.026796 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:41.026795 arp who-has woc.gw.webhost.net tell woc-2.ce.webhost.net
14:57:54.872056 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto:
ICMP (1), length: 84) woc-2.ce.webhost.net > woc-1.ce.webhost.net: ICMP
echo request, id 30474, seq 1, length 64
14:57:55.871054 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto:
ICMP (1), length: 84) woc-2.ce.webhost.net > woc-1.ce.webhost.net: ICMP
echo request, id 30474, seq 2, length 64
14:57:56.870039 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto:
ICMP (1), length: 84) woc-2.ce.webhost.net > woc-1.ce.webhost.net: ICMP
echo request, id 30474, seq 3, length 64
14:57:57.869040 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto:
ICMP (1), length: 84) woc-2.ce.webhost.net > woc-1.ce.webhost.net: ICMP
echo request, id 30474, seq 4, length 64
14:57:59.864254 arp reply woc-2.ce.webhost.net is-at 00:16:3e:39:f0:ab
(oui Unknown)
11 packets captured
25 packets received by filter
0 packets dropped by kernel
root@dom0:~#
As you can see, when domU is trying to ping 4.2.2.1, it''s sending ARP
who-has requests that apparently never get answered. When domU is trying
to ping dom0, it just pings it with no problems. So where should I start
looking for a misconfiguration? How can I troubleshoot this?
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users