Hello, I''m using 802.1Q VLAN [1] default on my Xen Server (RHEL5.1) but I can''t see the interface xenbr0. # cat /proc/net/vlan/config VLAN Dev name | VLAN ID Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD eth0.260 | 260 | eth0 eth0.261 | 261 | eth0 Someone have some tip? Thanks [1] http://www.candelatech.com/~greear/vlan.html -- Tiago Cruz http://everlinux.com Linux User #282636 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You can manualy create the bridge you need brctl addbr xenbr0 btctl addif xenbr0 eth0.260 Probably you''ll need to add some iptables rules to make the bridge forward packages: iptables -A FORWARD -m physdev --physdev-in tap+ -j ACCEPT iptables -m physdev --physdev-out tap+ -j ACCEPT iptables -m physdev --physdev-in eth0.260 -j ACCEPT iptables -m physdev --physdev-out eth0.260 -j ACCEPT I assume that you''re using bridged network and you want to access virtual machine from your vlan''s Tiago Cruz pisze:> Hello, > > I''m using 802.1Q VLAN [1] default on my Xen Server (RHEL5.1) but I can''t > see the interface xenbr0. > > # cat /proc/net/vlan/config > VLAN Dev name | VLAN ID > Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD > eth0.260 | 260 | eth0 > eth0.261 | 261 | eth0 > > Someone have some tip? > > Thanks > > [1] http://www.candelatech.com/~greear/vlan.html >- -- Pozdrawiam Dariusz Malec http://www.kos.wsiz.rzeszow.pl http://www.kos.wsiz.rzeszow.pl/~dmalec GG:1720216 JID:dmalec@jabber.kos.wsiz.rzeszow.pl "Podwładny powinien przed obliczem przełożonego mieć wygląd lichy i durnowaty, tak by swoim pojmowaniem istoty sprawy, nie peszyć przełożonego." Ukaz Cara Rosji Piotra I z 9 grudnia 1708 roku -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHzuuqjT0NFyejOD8RAjhtAJ9oQXFC5pms3NBRMhIqSItvv1TPlACfYXgE f6SgEm6sg3L7yoEpJ/p+NOc=jyL/ -----END PGP SIGNATURE----- _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tiago Cruz pisze:> On Wed, 2008-03-05 at 19:51 +0100, Dariusz Malec wrote: > >> You can manualy create the bridge you need >> >> brctl addbr xenbr0 >> btctl addif xenbr0 eth0.260 > > Hello Dariusz, > > It''s a very nice idea, but the problem is: The interface "xenbr0" does > not exist :-/That''s why you need to create it.> > How can I create her? >brctl addbr xenbr0 This command will create a bridge named xenbr0 and that name is also a interface name which you can assign ip address or use just as a bridge itself. - -- Pozdrawiam Dariusz Malec http://www.kos.wsiz.rzeszow.pl http://www.kos.wsiz.rzeszow.pl/~dmalec GG:1720216 JID:dmalec@jabber.kos.wsiz.rzeszow.pl "Podwładny powinien przed obliczem przełożonego mieć wygląd lichy i durnowaty, tak by swoim pojmowaniem istoty sprawy, nie peszyć przełożonego." Ukaz Cara Rosji Piotra I z 9 grudnia 1708 roku -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHzvGGjT0NFyejOD8RAnSyAKCfOBNDjMobSMffPp6SZ1z9KDRdBQCfTky1 cfnD6uy9uDOrWA6hSH61s/Y=5hSB -----END PGP SIGNATURE----- _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Wed, 2008-03-05 at 20:16 +0100, Dariusz Malec wrote:> brctl addbr xenbr0 > > This command will create a bridge named xenbr0 and that name is also a > interface name which you can assign ip address or use just as a bridge > itself.Hello Malec, Thanks for your tip. But, when I does this command: btctl addif xenbr0 eth0.260 I lost my VLAN 260. And the same for 261. The network stop to ping and stop to work... Did you have any other tip? Thanks -- Tiago Cruz http://everlinux.com Linux User #282636 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hi, El mié, 05-03-2008 a las 19:42 -0300, Tiago Cruz escribió:> But, when I does this command: > btctl addif xenbr0 eth0.260 > > I lost my VLAN 260. And the same for 261. The network stop to ping and > stop to work... Did you have any other tip? >I had similar problems when I was configuring xen to work with different vlans. The solution for me was creating different bridges for different vlans, so I have xenbr0 with peth0 in it, xenbr10 with eth0.10 (and so on). -- Angel L. Mateo Martínez Sección de Telemática Área de Tecnologías de la Información _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 968367590 Fax: 968398337 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tiago Cruz pisze:> On Wed, 2008-03-05 at 20:16 +0100, Dariusz Malec wrote: > >> brctl addbr xenbr0 >> >> This command will create a bridge named xenbr0 and that name is also a >> interface name which you can assign ip address or use just as a bridge >> itself. > > Hello Malec, > > Thanks for your tip. > > But, when I does this command: > btctl addif xenbr0 eth0.260 > > I lost my VLAN 260. And the same for 261. The network stop to ping and > stop to work... Did you have any other tip? > > Thanks >What does it mean "you lost your vlan"? if you have assign an ip addres to eth0.260 interface you will lost a communication when you add this interface to the bridge. Try to configure eth0.260 with no ip addr assigned, add this interface to the bridge and assign ip address to the xenbr0 interface. You should be able to ping your hosts in vlan260 from dom0. I assume that you want to start new virtual machine and you want to communicate with it from dom0 and vlan260, so you need to add this iptables rules: iptables -A FORWARD -m physdev --physdev-in tap+ -j ACCEPT iptables -m physdev --physdev-out tap+ -j ACCEPT iptables -m physdev --physdev-in eth0.260 -j ACCEPT iptables -m physdev --physdev-out eth0.260 -j ACCEPT - ------------------------------------------------------------------ My bridge configuration is: mamut:~# brctl show bridge name bridge id STP enabled interfaces br0 8000.001a4ba48746 no vlan115 tap0 vif9.0 mamut:~# ip a 1: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:1a:4b:a4:87:46 brd ff:ff:ff:ff:ff:ff 132: vlan115@eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue link/ether 00:1a:4b:a4:87:46 brd ff:ff:ff:ff:ff:ff 133: br0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue link/ether 00:1a:4b:a4:87:46 brd ff:ff:ff:ff:ff:ff inet 10.100.250.230/24 brd 10.100.250.255 scope global br0 135: vif9.0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 32 link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff 136: tap0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 500 link/ether 12:7f:d7:e4:77:f5 brd ff:ff:ff:ff:ff:ff mamut:~# iptables -L FORWARD -v -n Chain FORWARD (policy DROP 1 packets, 40 bytes) pkts bytes target prot opt in out source destination 236 32002 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in tap+ 4113 358K ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out tap+ 4107 356K ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vlan115 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vlan115 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vif9.0 So you can see that my interface vlan115 have no ip assigned. The br0 interface have an ip, co i can communicate with vlan115 through br0 interface. iptables rules makes the bridge forward all packages from virtual interface tap0 and from vlan. - -- Pozdrawiam Dariusz Malec http://www.kos.wsiz.rzeszow.pl http://www.kos.wsiz.rzeszow.pl/~dmalec GG:1720216 JID:dmalec@jabber.kos.wsiz.rzeszow.pl "Podwładny powinien przed obliczem przełożonego mieć wygląd lichy i durnowaty, tak by swoim pojmowaniem istoty sprawy, nie peszyć przełożonego." Ukaz Cara Rosji Piotra I z 9 grudnia 1708 roku -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHz62WjT0NFyejOD8RAgfSAJ4+OeYbh30C8RFI3VfKG8RmDDo15wCdFwNV Vqpk3BU/Ijqy6gsBIAi7PRI=Z9Tv -----END PGP SIGNATURE----- _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hello! On Thu, 2008-03-06 at 09:38 +0100, Dariusz Malec wrote:> What does it mean "you lost your vlan"? if you have assign an ip addres > to eth0.260 interface you will lost a communication when you add this > interface to the bridge.Yep. I was using ssh to manage one remote computer, and I lost this connection when I''ve added the bridge.> Try to configure eth0.260 with no ip addr assigned, add this interface > to the bridge and assign ip address to the xenbr0 interface. You should > be able to ping your hosts in vlan260 from dom0.I''ve tried a lot of combination, and my final solution was: - Does not use any IP/Alias on bridge interface - Use another VLAN (TAG 272 on my example) to management Some like this: http://wiki.xen-br.org/images/4/4b/Xen.png Thanks for you tip and attention! -- Tiago Cruz http://everlinux.com Linux User #282636 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Mon, Mar 10, 2008 at 03:24:45PM -0300, Tiago Cruz wrote:> Hello! > > On Thu, 2008-03-06 at 09:38 +0100, Dariusz Malec wrote: > > > What does it mean "you lost your vlan"? if you have assign an ip addres > > to eth0.260 interface you will lost a communication when you add this > > interface to the bridge. > > Yep. I was using ssh to manage one remote computer, and I lost this > connection when I''ve added the bridge. > > > > Try to configure eth0.260 with no ip addr assigned, add this interface > > to the bridge and assign ip address to the xenbr0 interface. You should > > be able to ping your hosts in vlan260 from dom0. > > I''ve tried a lot of combination, and my final solution was: > > - Does not use any IP/Alias on bridge interface > - Use another VLAN (TAG 272 on my example) to management > > Some like this: > http://wiki.xen-br.org/images/4/4b/Xen.png >I use the attached script for managing the bridges. Note that I use the format VLAN_PLUS_VID_NO_PAD for the vlan interfaces (eg: vlan272). The files go to: - /etc/xen/scripts: vlan-bridge and vlan-bridge-common.sh - /etc/xen: qemu-ifup You''ll then have to edit /etc/xen/xend-config.sxp: 1. change network script to: (network-script :) 2. change vif script to: (vif-script vlan-bridge) Regards, Luciano Rocha -- lfr 0/0 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Mon, Mar 10, 2008 at 06:48:12PM +0000, Luciano Rocha wrote:> On Mon, Mar 10, 2008 at 03:24:45PM -0300, Tiago Cruz wrote: > > Hello! > > > > On Thu, 2008-03-06 at 09:38 +0100, Dariusz Malec wrote: > > > > > What does it mean "you lost your vlan"? if you have assign an ip addres > > > to eth0.260 interface you will lost a communication when you add this > > > interface to the bridge. > > > > Yep. I was using ssh to manage one remote computer, and I lost this > > connection when I''ve added the bridge. > > > > > > > Try to configure eth0.260 with no ip addr assigned, add this interface > > > to the bridge and assign ip address to the xenbr0 interface. You should > > > be able to ping your hosts in vlan260 from dom0. > > > > I''ve tried a lot of combination, and my final solution was: > > > > - Does not use any IP/Alias on bridge interface > > - Use another VLAN (TAG 272 on my example) to management > > > > Some like this: > > http://wiki.xen-br.org/images/4/4b/Xen.png > > > > I use the attached script for managing the bridges. Note that I use the > format VLAN_PLUS_VID_NO_PAD for the vlan interfaces (eg: vlan272).<snip> I''m getting forgetful in my old age. Files now really attached. -- lfr 0/0 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hello guy''s, I have used vlans in my virtual environment with success but I needed to change the network-bridge script to make this set up to work because the original network-bridge not work with vlan. This is my network-script changed: http://msinhore.xen-br.org/scripts/network-bridge I also created a new xen script called network-bridge-multi to create multi bridges up bonded interfaces with vlan tag: #! /bin/bash dir=$(dirname "$0") "$dir/network-bridge" "$@" vifnum=2 netdev=bond0.2 bridge=vlanbr2 "$dir/network-bridge" "$@" vifnum=3 netdev=bond0.3 bridge=vlanbr3 "$dir/network-bridge" "$@" vifnum=4 netdev=bond0.4 bridge=vlanbr4 "$dir/network-bridge" "$@" vifnum=5 netdev=bond0.5 bridge=vlanbr5 In this example, I have used the bridge name ''vlanbr'' + tag_id. You can change it to xenbr0 in another interface tagged. Example: dir=$(dirname "$0") "$dir/network-bridge" "$@" vifnum=0 netdev=eth0.272 bridge=xenbr0 "$dir/network-bridge" "$@" vifnum=1 netdev=eth0.273 bridge=xenbr1 [...] To use this set up you need change the network-script var in /etc/xen/xend-config.sxp file to: (network-script network-bridge-multi) Now, if you need only one interface, change only the ''network-script'' to: (network-script ''network-bridge netdev=eth0.272 bridge=xenbr0'') Remember, the original network-script do not work with vlan. Regards, -- Marco Sinhoreli On Mon, Mar 10, 2008 at 3:55 PM, Luciano Rocha <strange@nsk.no-ip.org> wrote:> On Mon, Mar 10, 2008 at 06:48:12PM +0000, Luciano Rocha wrote: > > On Mon, Mar 10, 2008 at 03:24:45PM -0300, Tiago Cruz wrote: > > > Hello! > > > > > > On Thu, 2008-03-06 at 09:38 +0100, Dariusz Malec wrote: > > > > > > > What does it mean "you lost your vlan"? if you have assign an ip addres > > > > to eth0.260 interface you will lost a communication when you add this > > > > interface to the bridge. > > > > > > Yep. I was using ssh to manage one remote computer, and I lost this > > > connection when I''ve added the bridge. > > > > > > > > > > Try to configure eth0.260 with no ip addr assigned, add this interface > > > > to the bridge and assign ip address to the xenbr0 interface. You should > > > > be able to ping your hosts in vlan260 from dom0. > > > > > > I''ve tried a lot of combination, and my final solution was: > > > > > > - Does not use any IP/Alias on bridge interface > > > - Use another VLAN (TAG 272 on my example) to management > > > > > > Some like this: > > > http://wiki.xen-br.org/images/4/4b/Xen.png > > > > > > > I use the attached script for managing the bridges. Note that I use the > > format VLAN_PLUS_VID_NO_PAD for the vlan interfaces (eg: vlan272). > <snip> > > I''m getting forgetful in my old age. > > Files now really attached. > > -- > lfr > 0/0 > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users >-- Marco Sinhoreli _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users