Xen users - Jul 2008 - Two bridges on one host, can not communicate on the second, what did I miss?

Hello! I''m trying to set up an "internal" bridge on a Xen
host (xen
3.2, ubuntu server 8.04 as a host). I am trying to get domU A
communicate with domU B, with no success.

First I followed the instructions in the XenNetworking page on the
wiki to get another bridge with no physical interface connected. I
created a file called /etc/xen/scripts/network-custom:

#!/bin/sh
dir=$(dirname "$0")
"$dir/network-bridge" "$@" vifnum=0
"$dir/network-bridge" "$@" vifnum=1 bridge=dmz netdev=dummy0

After a reboot, this bridge comes up fine, and the output from "brctl
show" looks like the default bridge that the network-bridge script
creates. I have now a pdummy0 interface configured as well, belonging
to the bridge, but that is of course expected.

After this I create two guests: domU_A and domU_B. They are both on
the same network, 10.19.0.0/24, with IP number 10.19.0.2 and 10.19.0.3
respectively. They just have one virtual network interface each, and I
added "bridge=dmz" to them, so they will connect to the dmz bridge.

After I start up both guests, I can see from "brctl show" that their
vif1.0 and vif2.0 have been attached to the dmz bridge, and inside,
the network interface has been configured correctly if I look at them
using ifconfig.

Here is where I fail. They can not access each other through the
network, not with ping, nor with anything else.

Using netcat gives me some slightly helpful message:
domU_B:~# echo hello | nc 10.19.0.2 9999
(UNKNOWN) [10.19.0.2] 9999 (?) : No route to host


The output from "route" shows (sorry if the columns are not aligned
correctly):
Destination   Gateway  Genmask        Flags  Metric  Ref   Use Iface
10.19.0.0      *             255.255.255.0  U        0         0         0  eth0

I don''t have a default gateway, but well, there *is* no gateway, there
are just two clients.

The "ethtool -K eth0 tx off" trick doesn''t make any
difference.

What''s sad here is that networking within the default xen bridge works
great, with exactly the same method of creating  and I have never had
any problems with that. As a matter of fact, keeping the exact same
config, but changing the bridge to the default bridge, makes it
possible to communicate between the guests. But now I would like to
add another bridge, as I would like to learn a little more about
networking.

Help! What did I miss? How can I find out where the problem is?

/ Anders

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Anders,
    I have a similar working setup on xen 3.1 (dummy interface with 3 
bridges and 3 nics on a domU and 2 nics on other 3 domUs)
some thoughts:
- any filtering on the domUs or dom0 (iptables, ebtables)
- do you see mac addresses filling the bridges tables (brctl showmacs 
<bridgename>)?
- check /var/log/xen/
- maybe post "ip address list" "brctl show" from dom0 and
"ip address
list" from domU together with the comment''s stripped xend-config
and
domU config.
cheers,
Massimo

Anders Andersson wrote:
> Hello! I''m trying to set up an "internal" bridge on a
Xen host (xen
> 3.2, ubuntu server 8.04 as a host). I am trying to get domU A
> communicate with domU B, with no success.
>
> First I followed the instructions in the XenNetworking page on the
> wiki to get another bridge with no physical interface connected. I
> created a file called /etc/xen/scripts/network-custom:
>
> #!/bin/sh
> dir=$(dirname "$0")
> "$dir/network-bridge" "$@" vifnum=0
> "$dir/network-bridge" "$@" vifnum=1 bridge=dmz
netdev=dummy0
>
> After a reboot, this bridge comes up fine, and the output from "brctl
> show" looks like the default bridge that the network-bridge script
> creates. I have now a pdummy0 interface configured as well, belonging
> to the bridge, but that is of course expected.
>
> After this I create two guests: domU_A and domU_B. They are both on
> the same network, 10.19.0.0/24, with IP number 10.19.0.2 and 10.19.0.3
> respectively. They just have one virtual network interface each, and I
> added "bridge=dmz" to them, so they will connect to the dmz
bridge.
>
> After I start up both guests, I can see from "brctl show" that
their
> vif1.0 and vif2.0 have been attached to the dmz bridge, and inside,
> the network interface has been configured correctly if I look at them
> using ifconfig.
>
> Here is where I fail. They can not access each other through the
> network, not with ping, nor with anything else.
>
> Using netcat gives me some slightly helpful message:
> domU_B:~# echo hello | nc 10.19.0.2 9999
> (UNKNOWN) [10.19.0.2] 9999 (?) : No route to host
>
>
> The output from "route" shows (sorry if the columns are not
aligned correctly):
> Destination   Gateway  Genmask        Flags  Metric  Ref   Use Iface
> 10.19.0.0      *             255.255.255.0  U        0         0         0 
eth0
>
> I don''t have a default gateway, but well, there *is* no gateway,
there
> are just two clients.
>
> The "ethtool -K eth0 tx off" trick doesn''t make any
difference.
>
> What''s sad here is that networking within the default xen bridge
works
> great, with exactly the same method of creating  and I have never had
> any problems with that. As a matter of fact, keeping the exact same
> config, but changing the bridge to the default bridge, makes it
> possible to communicate between the guests. But now I would like to
> add another bridge, as I would like to learn a little more about
> networking.
>
> Help! What did I miss? How can I find out where the problem is?
>
> / Anders
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@lists.xensource.com
> http://lists.xensource.com/xen-users
>   

-- 
Massimo Mongardini
~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~
echo
''Jg!J!hjwf!zpv!bo!bqqmf!boe!zpv!hjwf!nf!bo!bqqmf-!uifo!xf!xjmm!ibwf!bo!bqqmf!fbdi/!Cvu!jg!J!hjwf!zpv!bo!jefb!boe!zpv!hjwf!nf!bo!jefb-!xf!xjmm!ibwf!uxp!jefbt!fbdi!''
| perl -pe ''s/(.)/chr(ord($1)-1)/ge''
~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~
http://massimo.mongardini.it
http://www.getthefacts.it
http://www.mongardini.it/pizza-howto
~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~-.-~
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users