Hi, there is gentoo based dom0 with Xen 3.0.4-p1 and some PV guests with various linux distros. We are using bridged networking with one eth0. We have 15 IP adresses with netmask 255.255.255.0. All IPs are using same gateway. Up to now we were adding domU based on our needs w/o problems. Yesterday we wanted to add new Debian based domU but its networking doesnt work properly. This 8th domU comes up ... than we realized that its not possible to ping/ssh 8th from outside world. Ping/ssh from dom0 to 8th domU works. On the other side ping/ssh to other domUs and dom0. What is realy weird is that domUs 1-7 works total without problem. All domUs are using same guest kernel. Trying another IP for this last domU doesnt improve situation. Even using IP from some working domU. 8th_domU ----- > dom0 = OK dom0 ------------ > 8th_domU = OK 8th_domU ----- > internet IP = NO internet IP ----- > 8th_domU = NO>From 8th_domU is not possible to get outside, so not possible to getupdates etc.. 8th_domU ----- > other_domU = OK other_domU ----- > 8th_domU = OK Running route -n in domU: debian:~# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 59.14.51.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 59.14.51.1 0.0.0.0 UG 0 0 0 eth0 I think it is missing loopback...? Ping to gateway doesnt works. Buth the whole configuration of this domU including kernel is just same as of the working ones! Loopback problem in dom0 config? We are using this: module /xenkernel root=/dev/md2 max_loop=128 Important info: We do not use iptables in dom0. Plain default bridge xen install. We made another test with configuring dummy to the same IP adres like 8th domU: ifconfig dummy0 59.14.51.10 netmask 255.255.255.0 up And - yes this is working....ping from outside xen machine w/o problem. Please can anybody tell me what is going on here? Br Peter Braun _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Peter Braun
2007-May-27 08:23 UTC
Re: [Xen-users] 8th DomU can ping bridge but not internet
2007/5/27, Igor Chubin <igor@chub.in>:> On Sa, Mai 26, 2007 at 03:42:23 +0200, Peter Braun wrote: > > Hi, > > > > there is gentoo based dom0 with Xen 3.0.4-p1 and some PV guests with > > various linux distros. > > > > We are using bridged networking with one eth0. > > > > We have 15 IP adresses with netmask 255.255.255.0. > > All IPs are using same gateway. > > > > Up to now we were adding domU based on our needs w/o problems. > > > > Yesterday we wanted to add new Debian based domU but its networking > > doesnt work properly. > > > > This 8th domU comes up ... than we realized that its not possible to > > ping/ssh 8th from outside world. Ping/ssh from dom0 to 8th domU works. > > On the other side ping/ssh to other domUs and dom0. > > > > Hello, Peter! > > I have faced similar problem. > > Try to change MAC-address in 8th domU. > That solved the problem for me. > > --Hi, am specyfiing MAC for every DomU. So based on your recommendation I changed vif for 8th DomU to vif=[ ''ip=x.x.x.x'' ] only - without specifying MAC - situation hasnt changed. Still not able to create new domU with internet access. Any other idea? Peter _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Peter Braun
2007-May-27 09:24 UTC
Re: [Xen-users] 8th DomU can ping bridge but not internet
New idea: When bridged networking - is there need for functional IPTables? In other words - to have working bridgeing do I have to have working iptables in dom0? iptables -L FATAL: Module ip_tables not found. iptables v1.3.5: can''t initialize iptables table `filter'': iptables who? (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. Peter 2007/5/27, Peter Braun <xenware@gmail.com>:> 2007/5/27, Igor Chubin <igor@chub.in>: > > On Sa, Mai 26, 2007 at 03:42:23 +0200, Peter Braun wrote: > > > Hi, > > > > > > there is gentoo based dom0 with Xen 3.0.4-p1 and some PV guests with > > > various linux distros. > > > > > > We are using bridged networking with one eth0. > > > > > > We have 15 IP adresses with netmask 255.255.255.0. > > > All IPs are using same gateway. > > > > > > Up to now we were adding domU based on our needs w/o problems. > > > > > > Yesterday we wanted to add new Debian based domU but its networking > > > doesnt work properly. > > > > > > This 8th domU comes up ... than we realized that its not possible to > > > ping/ssh 8th from outside world. Ping/ssh from dom0 to 8th domU works. > > > On the other side ping/ssh to other domUs and dom0. > > > > > > > Hello, Peter! > > > > I have faced similar problem. > > > > Try to change MAC-address in 8th domU. > > That solved the problem for me. > > > > -- > > Hi, > > am specyfiing MAC for every DomU. So based on your recommendation I > changed vif for 8th DomU to vif=[ ''ip=x.x.x.x'' ] only - without > specifying MAC - situation hasnt changed. > > Still not able to create new domU with internet access. > > Any other idea? > > Peter >_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Stephan Seitz
2007-May-27 13:48 UTC
RE: [Xen-users] 8th DomU can ping bridge but not internet
Hi, without deeper investigation into this behaviour, i would assume that you run out of your device namespace after the 7th. domU. Stephan Seitz -----Original Message----- From: xen-users-bounces@lists.xensource.com on behalf of Peter Braun Sent: Sun 27.05.2007 11:24 To: Xen users mailing list Subject: Re: [Xen-users] 8th DomU can ping bridge but not internet New idea: When bridged networking - is there need for functional IPTables? In other words - to have working bridgeing do I have to have working iptables in dom0? iptables -L FATAL: Module ip_tables not found. iptables v1.3.5: can''t initialize iptables table `filter'': iptables who? (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. Peter 2007/5/27, Peter Braun <xenware@gmail.com>:> 2007/5/27, Igor Chubin <igor@chub.in>: > > On Sa, Mai 26, 2007 at 03:42:23 +0200, Peter Braun wrote: > > > Hi, > > > > > > there is gentoo based dom0 with Xen 3.0.4-p1 and some PV guests with > > > various linux distros. > > > > > > We are using bridged networking with one eth0. > > > > > > We have 15 IP adresses with netmask 255.255.255.0. > > > All IPs are using same gateway. > > > > > > Up to now we were adding domU based on our needs w/o problems. > > > > > > Yesterday we wanted to add new Debian based domU but its networking > > > doesnt work properly. > > > > > > This 8th domU comes up ... than we realized that its not possible to > > > ping/ssh 8th from outside world. Ping/ssh from dom0 to 8th domU works. > > > On the other side ping/ssh to other domUs and dom0. > > > > > > > Hello, Peter! > > > > I have faced similar problem. > > > > Try to change MAC-address in 8th domU. > > That solved the problem for me. > > > > -- > > Hi, > > am specyfiing MAC for every DomU. So based on your recommendation I > changed vif for 8th DomU to vif=[ ''ip=x.x.x.x'' ] only - without > specifying MAC - situation hasnt changed. > > Still not able to create new domU with internet access. > > Any other idea? > > Peter >_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Igor Chubin
2007-May-27 16:27 UTC
Re: [Xen-users] 8th DomU can ping bridge but not internet
On So, Mai 27, 2007 at 10:23:38 +0200, Peter Braun wrote:> 2007/5/27, Igor Chubin <igor@chub.in>: > >On Sa, Mai 26, 2007 at 03:42:23 +0200, Peter Braun wrote: > >> Hi, > >> > >> there is gentoo based dom0 with Xen 3.0.4-p1 and some PV guests with > >> various linux distros. > >> > >> We are using bridged networking with one eth0. > >> > >> We have 15 IP adresses with netmask 255.255.255.0. > >> All IPs are using same gateway. > >> > >> Up to now we were adding domU based on our needs w/o problems. > >> > >> Yesterday we wanted to add new Debian based domU but its networking > >> doesnt work properly. > >> > >> This 8th domU comes up ... than we realized that its not possible to > >> ping/ssh 8th from outside world. Ping/ssh from dom0 to 8th domU works. > >> On the other side ping/ssh to other domUs and dom0. > >> > > > >Hello, Peter! > > > >I have faced similar problem. > > > >Try to change MAC-address in 8th domU. > >That solved the problem for me. > > > >-- > > Hi, > > am specyfiing MAC for every DomU. So based on your recommendation I > changed vif for 8th DomU to vif=[ ''ip=x.x.x.x'' ] only - without > specifying MAC - situation hasnt changed. > > Still not able to create new domU with internet access. > > Any other idea? >Another idea. Try to load netloop module with the nloopbacks parameter: modprobe netloop nloopbacks=64 AFAIK, by default nloopbacks=8 or 7> Peter > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users-- WBR, i.m.chubin _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Igor Chubin
2007-May-27 16:40 UTC
Re: [Xen-users] 8th DomU can ping bridge but not internet
...> > Hi, > > > > am specyfiing MAC for every DomU. So based on your recommendation I > > changed vif for 8th DomU to vif=[ ''ip=x.x.x.x'' ] only - without > > specifying MAC - situation hasnt changed. > > > > Still not able to create new domU with internet access. > > > > Any other idea? > > > > > Another idea. > > Try to load netloop module with the nloopbacks parameter: > > modprobe netloop nloopbacks=64 >Silly idea. Sorry. As far as I remember, you''ve said that can ping domU from the dom0. If the problem was related to number of vif, you could ping not from dom0, neither from domU. Another idea. Try to investigate all of the interfaces (eth0 inside the 8th domU, bridge of the dom0 and the dom0 interface, that getting connected to the bridge) with tcpdump while pinging from domU. Find where packets are getting lost.> AFAIK, by default nloopbacks=8 or 7 > > > Peter > > > > _______________________________________________ > > Xen-users mailing list > > Xen-users@lists.xensource.com > > http://lists.xensource.com/xen-users > > -- > WBR, i.m.chubin > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users-- WBR, i.m.chubin _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Peter Braun
2007-May-27 19:14 UTC
Re: [Xen-users] 8th DomU can ping bridge but not internet
SOLVED! :) The problem was caused by ISP/colohouse. Server is connected via single ethernet port and there was MAC filter to 8 MACs per port. Now they removed MAC filter on ethernet port and new domUs without problem. I would like to thank people here on mailing-ling, hundred_ and FuzzyB on ##xen on irrc.freenode.net and grifferz of bitfolk.com for asistence. Br Peter Braun 2007/5/27, Igor Chubin <igor@chub.in>:> ... > > > Hi, > > > > > > am specyfiing MAC for every DomU. So based on your recommendation I > > > changed vif for 8th DomU to vif=[ ''ip=x.x.x.x'' ] only - without > > > specifying MAC - situation hasnt changed. > > > > > > Still not able to create new domU with internet access. > > > > > > Any other idea? > > > > > > > > > Another idea. > > > > Try to load netloop module with the nloopbacks parameter: > > > > modprobe netloop nloopbacks=64 > > > > Silly idea. Sorry. > > As far as I remember, you''ve said > that can ping domU from the dom0. > > If the problem was related to number of vif, > you could ping not from dom0, neither from domU. > > > Another idea. > > Try to investigate all of the interfaces > (eth0 inside the 8th domU, bridge of the dom0 > and the dom0 interface, that getting connected > to the bridge) > with tcpdump while pinging from domU. > > Find where packets are getting lost. > > > AFAIK, by default nloopbacks=8 or 7 > > > > > Peter > > > > > > _______________________________________________ > > > Xen-users mailing list > > > Xen-users@lists.xensource.com > > > http://lists.xensource.com/xen-users > > > > -- > > WBR, i.m.chubin > > > > > > _______________________________________________ > > Xen-users mailing list > > Xen-users@lists.xensource.com > > http://lists.xensource.com/xen-users > > -- > WBR, i.m.chubin > >_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users