Javier Merino
2008-Sep-03 16:20 UTC
[Xen-users] eth0 on dom0 not working on a bridged conf
Hi,
I''ve installed xen 3.0.3 from packages (xen-linux-system) on a debian
etch, and i''ve configured it with network-bridge script in the default
way (netdev=eth0, bridge=xenbr0, etc...) which is ok for me.
the problem I have:
I cannot ping any outer machine from dom0 (nor any outer machine can
ping me). It gives me a "Destination Host Unreachable" message that
makes me think there is no arp response.
other symptoms:
I can ping from dom0 any domU''s I create...
... and from those domU''s I can ping dom0 and also the outer
machines that I was unable to ping from dom0. => so, xenbr0 if working
properly with peth0, vifX.0 (and eth0 on domU''s)
Configuration looks fine in comparation with other xen 3.0 machines I
have working. Here is a "/etc/xen/scripts/network-bridge status":
===========================================================6: eth0:
<BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue
link/ether 00:14:5e:da:3a:a2 brd ff:ff:ff:ff:ff:ff
inet 172.30.1.16/24 brd 172.30.1.255 scope global eth0
inet6 fe80::214:5eff:feda:3aa2/64 scope link
valid_lft forever preferred_lft forever
13: xenbr0: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue
link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
inet6 fe80::200:ff:fe00:0/64 scope link
valid_lft forever preferred_lft forever
bridge name bridge id STP enabled interfaces
xenbr0 8000.feffffffffff no vif0.0
peth0
vif3.0
172.30.1.0/24 dev eth0 proto kernel scope link src 172.30.1.16
default via 172.30.1.1 dev eth0
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
172.30.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 172.30.1.1 0.0.0.0 UG 0 0 0 eth0
===========================================================
If I manually "/etc/xen/scripts/network-bridge stop", eth0 begins
working correctly with the exterior (I can ping, ssh, outer machines and
viceversa).
dmesg, xend.log and xen-debug.log looks fine for me, but I may missed
up something .
I''ve installed tshark to test the communications when network-bridge
is up, but my knowledge is not enough to understand what''s happening.
I''ll send the output of whatever you ask me.
Thanks if anyone can help. I am lost after trying almost my best.
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
Javier Merino
2008-Sep-03 16:36 UTC
Re: [Xen-users] eth0 on dom0 not working on a bridged conf
Here I''ll paste some output that explains the problem in command line
language (my English is not better than my cli):
172.30.1.16 is the IP for my dom0
172.30.1.81 is the IP for a domU
172.30.1.11 is the IP of an outer machine
Thanks
-----------------------
blade06:~/debug# echo blade06 is dom0 with ip 172.30.1.16
blade06 is dom0 with ip 172.30.1.16
blade06:~/debug# uname -a
Linux blade06 2.6.18-6-xen-686 #1 SMP Mon Aug 18 12:56:50 UTC 2008 i686
GNU/Linu
x
blade06:~/debug# ethtool peth0
Settings for peth0:
Supported ports: [ FIBRE ]
Supported link modes: 1000baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 1000baseT/Full
Advertised auto-negotiation: Yes
Speed: 1000Mb/s
Duplex: Full
Port: FIBRE
PHYAD: 2
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: d
Wake-on: d
Link detected: yes
blade06:~/debug# ethtool eth0
Settings for eth0:
Link detected: yes
blade06:~/debug# echo test is domU with ip 172.30.1.81
test is domU with ip 172.30.1.81
blade06:~/debug# xm create /etc/xen/test.cfg
Using config file "/etc/xen/test.cfg".
Started domain test
blade06:~/debug#
blade06:~/debug# ifconfig
eth0 Link encap:Ethernet HWaddr 00:14:5E:DA:3A:A2
inet addr:172.30.1.16 Bcast:172.30.1.255 Mask:255.255.255.0
inet6 addr: fe80::214:5eff:feda:3aa2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:131000 errors:0 dropped:0 overruns:0 frame:0
TX packets:107 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:24570068 (23.4 MiB) TX bytes:7006 (6.8 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:19 errors:0 dropped:0 overruns:0 frame:0
TX packets:19 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1888 (1.8 KiB) TX bytes:1888 (1.8 KiB)
peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:131859 errors:0 dropped:175 overruns:0 frame:0
TX packets:123 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:25159976 (23.9 MiB) TX bytes:9718 (9.4 KiB)
Interrupt:19 Memory:da000000-da011100
vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:107 errors:0 dropped:0 overruns:0 frame:0
TX packets:131000 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7006 (6.8 KiB) TX bytes:24570068 (23.4 MiB)
vif3.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:7 errors:0 dropped:0 overruns:0 frame:0
TX packets:155 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:412 (412.0 b) TX bytes:27862 (27.2 KiB)
xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:108269 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:11043361 (10.5 MiB) TX bytes:0 (0.0 b)
blade06:~/debug# /etc/xen/scripts/network-bridge status
===========================================================6: eth0:
<BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue
link/ether 00:14:5e:da:3a:a2 brd ff:ff:ff:ff:ff:ff
inet 172.30.1.16/24 brd 172.30.1.255 scope global eth0
inet6 fe80::214:5eff:feda:3aa2/64 scope link
valid_lft forever preferred_lft forever
13: xenbr0: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue
link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
inet6 fe80::200:ff:fe00:0/64 scope link
valid_lft forever preferred_lft forever
bridge name bridge id STP enabled interfaces
xenbr0 8000.feffffffffff no vif0.0
peth0
vif3.0
172.30.1.0/24 dev eth0 proto kernel scope link src 172.30.1.16
default via 172.30.1.1 dev eth0
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
172.30.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 172.30.1.1 0.0.0.0 UG 0 0 0 eth0
===========================================================blade06:~/debug# ping
172.30.1.81
PING 172.30.1.81 (172.30.1.81) 56(84) bytes of data.
64 bytes from 172.30.1.81: icmp_seq=1 ttl=64 time=4.01 ms
64 bytes from 172.30.1.81: icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from 172.30.1.81: icmp_seq=3 ttl=64 time=0.055 ms
64 bytes from 172.30.1.81: icmp_seq=4 ttl=64 time=0.045 ms
--- 172.30.1.81 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.045/1.043/4.014/1.715 ms
blade06:~/debug# echo 172.30.1.11 is a working machine
172.30.1.11 is a working machine
blade06:~/debug# ping 172.30.1.11
PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data.
From 172.30.1.16 icmp_seq=2 Destination Host Unreachable
From 172.30.1.16 icmp_seq=3 Destination Host Unreachable
From 172.30.1.16 icmp_seq=4 Destination Host Unreachable
From 172.30.1.16 icmp_seq=6 Destination Host Unreachable
From 172.30.1.16 icmp_seq=7 Destination Host Unreachable
From 172.30.1.16 icmp_seq=8 Destination Host Unreachable
--- 172.30.1.11 ping statistics ---
8 packets transmitted, 0 received, +6 errors, 100% packet loss, time 7000ms
, pipe 3
blade06:~/debug# xm console test
Linux version 2.6.18-6-xen-686 (Debian 2.6.18.dfsg.1-22etch2)
(dannf@debian.org)
(gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)) #1 SMP Mon
Aug 18 1
2:56:50 UTC 2008
[... cut ...]
Debian GNU/Linux 4.0 test tty1
test login: root
Password:
Last login: Wed Sep 3 22:48:23 2008 on tty1
Linux test 2.6.18-6-xen-686 #1 SMP Mon Aug 18 12:56:50 UTC 2008 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
test:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:3E:A4:65:F2
inet addr:172.30.1.81 Bcast:172.30.1.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fea4:65f2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1350 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:246689 (240.9 KiB) TX bytes:986 (986.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
test:~# ping 172.30.1.16
PING 172.30.1.16 (172.30.1.16) 56(84) bytes of data.
64 bytes from 172.30.1.16: icmp_seq=1 ttl=64 time=0.161 ms
64 bytes from 172.30.1.16: icmp_seq=2 ttl=64 time=0.047 ms
64 bytes from 172.30.1.16: icmp_seq=3 ttl=64 time=0.048 ms
--- 172.30.1.16 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.047/0.085/0.161/0.054 ms
test:~# ping 172.30.1.11
PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data.
64 bytes from 172.30.1.11: icmp_seq=1 ttl=64 time=1.75 ms
64 bytes from 172.30.1.11: icmp_seq=2 ttl=64 time=0.190 ms
64 bytes from 172.30.1.11: icmp_seq=3 ttl=64 time=0.181 ms
64 bytes from 172.30.1.11: icmp_seq=4 ttl=64 time=0.191 ms
64 bytes from 172.30.1.11: icmp_seq=5 ttl=64 time=0.182 ms
--- 172.30.1.11 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4001ms
rtt min/avg/max/mdev = 0.181/0.499/1.755/0.628 ms
test:~# echo ctrl-5 back to dom0
ctrl-5 back to dom0
test:~# blade06:~/debug#
blade06:~/debug# tshark -i eth0 ether host 00:14:5e:da:3a:a2 &
[1] 5312
blade06:~/debug# Capturing on eth0
blade06:~/debug# ping 172.30.1.11
PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data.
0.000000 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell
172.30.1.16
1.000052 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell
172.30.1.16
2.000115 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell
172.30.1.16
2.275367 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
2.275379 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
2.275381 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
3.008186 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
4.008247 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
5.008311 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
6.008372 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
7.008435 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
--- 172.30.1.11 ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 7011ms
blade06:~/debug# echo now I ping from 172.30.1.11
now I ping from 172.30.1.11
blade06:~/debug# 51.857666 Ibm_da:3a:a2 -> Ibm_b5:0d:90 ARP 172.30.1.16
is at 0
0:14:5e:da:3a:a2
99.859600 Ibm_da:3a:a2 -> Ibm_b5:0d:90 ARP 172.30.1.16 is at
00:14:5e:da:3a:a2
blade06:~/debug# fg
tshark -i eth0 ether host 00:14:5e:da:3a:a2
13 packets captured
)blade06:~/debug# tshark -i eth0 ether host 00:14:5e:da:3a:a2 &
[1] 5319
blade06:~/debug# Capturing on peth0
blade06:~/debug# ping 172.30.1.11
PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data.
0.000000 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
0.008605 Ibm_da:3a:a2 -> Ibm_b5:0d:90 ARP 172.30.1.16 is at
00:14:5e:da:3a:a2
1.010570 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
2.010635 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
3.010700 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
4.010759 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
5.010824 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
6.010886 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request
--- 172.30.1.11 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6010ms
blade06:~/debug# echo now I ping from 172.30.1.11
now I ping from 172.30.1.11
blade06:~/debug# 32.170000 Ibm_da:3a:a2 -> Ibm_b5:0d:90 ARP 172.30.1.16
is at 00:14:5e:da:3a:a2
blade06:~/debug# fg
tshark -i peth0 ether host 00:14:5e:da:3a:a2
9 packets captured
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
Dustin Henning
2008-Sep-03 16:48 UTC
RE: [Xen-users] eth0 on dom0 not working on a bridged conf
I think eth0 should be included under interfaces here:
bridge name bridge id STP enabled interfaces
xenbr0 8000.feffffffffff no vif0.0
peth0
vif3.0
The appropriate brctl command will add it to the bridge (not at a Linux
machine to get you that command). This is because peth0 is the physical
connection to the network and eth0 is where your address is assigned. This
is the normal setup for older versions of xen, except eth0 should have been
automatically added to the bridge during startup. On newer versions, xenbr0
is deprecated and eth0 is the bridge (which has the address assigned to
itself).
Dustin
-----Original Message-----
From: xen-users-bounces@lists.xensource.com
[mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Javier Merino
Sent: Wednesday, September 03, 2008 12:20
To: xen-users@lists.xensource.com
Subject: [Xen-users] eth0 on dom0 not working on a bridged conf
Hi,
I''ve installed xen 3.0.3 from packages (xen-linux-system) on a debian
etch, and i''ve configured it with network-bridge script in the default
way (netdev=eth0, bridge=xenbr0, etc...) which is ok for me.
the problem I have:
I cannot ping any outer machine from dom0 (nor any outer machine can
ping me). It gives me a "Destination Host Unreachable" message that
makes me think there is no arp response.
other symptoms:
I can ping from dom0 any domU''s I create...
... and from those domU''s I can ping dom0 and also the outer
machines that I was unable to ping from dom0. => so, xenbr0 if working
properly with peth0, vifX.0 (and eth0 on domU''s)
Configuration looks fine in comparation with other xen 3.0 machines I
have working. Here is a "/etc/xen/scripts/network-bridge status":
===========================================================6: eth0:
<BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue
link/ether 00:14:5e:da:3a:a2 brd ff:ff:ff:ff:ff:ff
inet 172.30.1.16/24 brd 172.30.1.255 scope global eth0
inet6 fe80::214:5eff:feda:3aa2/64 scope link
valid_lft forever preferred_lft forever
13: xenbr0: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue
link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
inet6 fe80::200:ff:fe00:0/64 scope link
valid_lft forever preferred_lft forever
bridge name bridge id STP enabled interfaces
xenbr0 8000.feffffffffff no vif0.0
peth0
vif3.0
172.30.1.0/24 dev eth0 proto kernel scope link src 172.30.1.16
default via 172.30.1.1 dev eth0
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
172.30.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 172.30.1.1 0.0.0.0 UG 0 0 0 eth0
===========================================================
If I manually "/etc/xen/scripts/network-bridge stop", eth0 begins
working correctly with the exterior (I can ping, ssh, outer machines and
viceversa).
dmesg, xend.log and xen-debug.log looks fine for me, but I may missed
up something .
I''ve installed tshark to test the communications when network-bridge
is up, but my knowledge is not enough to understand what''s happening.
I''ll send the output of whatever you ask me.
Thanks if anyone can help. I am lost after trying almost my best.
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
Fischer, Anna
2008-Sep-03 17:05 UTC
RE: [Xen-users] eth0 on dom0 not working on a bridged conf
No I think that is correct because Javier is using an old Xen version (3.0.3). What does your ARP table on Dom0 show? Does it have a binding for 172.30.1.81 (your external machine)? It looks as if your ARP requests from Dom0 do not reach the network, and so the ping request does not go out.> -----Original Message----- > From: xen-users-bounces@lists.xensource.com [mailto:xen-users- > bounces@lists.xensource.com] On Behalf Of Dustin Henning > Sent: 03 September 2008 17:48 > To: ''Javier Merino''; xen-users@lists.xensource.com > Subject: RE: [Xen-users] eth0 on dom0 not working on a bridged conf > > I think eth0 should be included under interfaces here: > > bridge name bridge id STP enabled interfaces > xenbr0 8000.feffffffffff no vif0.0 > peth0 > vif3.0 > > The appropriate brctl command will add it to the bridge (not at a Linux > machine to get you that command). This is because peth0 is the > physical > connection to the network and eth0 is where your address is assigned. > This > is the normal setup for older versions of xen, except eth0 should have > been > automatically added to the bridge during startup. On newer versions, > xenbr0 > is deprecated and eth0 is the bridge (which has the address assigned to > itself). > Dustin > > -----Original Message----- > From: xen-users-bounces@lists.xensource.com > [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Javier > Merino > Sent: Wednesday, September 03, 2008 12:20 > To: xen-users@lists.xensource.com > Subject: [Xen-users] eth0 on dom0 not working on a bridged conf > > Hi, > > I''ve installed xen 3.0.3 from packages (xen-linux-system) on a debian > etch, and i''ve configured it with network-bridge script in the default > way (netdev=eth0, bridge=xenbr0, etc...) which is ok for me. > > the problem I have: > > I cannot ping any outer machine from dom0 (nor any outer machine can > ping me). It gives me a "Destination Host Unreachable" message that > makes me think there is no arp response. > > other symptoms: > > I can ping from dom0 any domU''s I create... > ... and from those domU''s I can ping dom0 and also the outer > machines that I was unable to ping from dom0. => so, xenbr0 if working > properly with peth0, vifX.0 (and eth0 on domU''s) > > Configuration looks fine in comparation with other xen 3.0 machines I > have working. Here is a "/etc/xen/scripts/network-bridge status": > > ===========================================================> 6: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue > link/ether 00:14:5e:da:3a:a2 brd ff:ff:ff:ff:ff:ff > inet 172.30.1.16/24 brd 172.30.1.255 scope global eth0 > inet6 fe80::214:5eff:feda:3aa2/64 scope link > valid_lft forever preferred_lft forever > 13: xenbr0: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue > link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff > inet6 fe80::200:ff:fe00:0/64 scope link > valid_lft forever preferred_lft forever > > bridge name bridge id STP enabled interfaces > xenbr0 8000.feffffffffff no vif0.0 > peth0 > vif3.0 > > 172.30.1.0/24 dev eth0 proto kernel scope link src 172.30.1.16 > default via 172.30.1.1 dev eth0 > > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > 172.30.1.0 0.0.0.0 255.255.255.0 U 0 0 0 > eth0 > 0.0.0.0 172.30.1.1 0.0.0.0 UG 0 0 0 > eth0 > ===========================================================> > > If I manually "/etc/xen/scripts/network-bridge stop", eth0 begins > working correctly with the exterior (I can ping, ssh, outer machines > and > viceversa). > > dmesg, xend.log and xen-debug.log looks fine for me, but I may missed > up something . > > I''ve installed tshark to test the communications when network-bridge > is up, but my knowledge is not enough to understand what''s happening. > I''ll send the output of whatever you ask me. > > Thanks if anyone can help. I am lost after trying almost my best. > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users > > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Javier Merino
2008-Sep-04 07:22 UTC
Re: [Xen-users] eth0 on dom0 not working on a bridged conf
You are right Anna(except that my external machine is 172.30.1.11): arp tables in dom0 has not binding for the external machine (172.30.1.11) while it has for domU (172.30.1.81). But my external machine ''can see'' the arp packets sent from dom0 and is replying to them. So arp-request packets are going out the bridge, but arp-response packets seems not to be going back from the bridge xenbr0. I''m not sure about this. Thank you both. NOTES: Dustin: the other set up I have with xen 3.0 has the same brctl configuration. I suppose it is the 3.0 conf as Anna said. I have not setup an interface for ''default router'' 172.30.1.1 at my router, but I think this should not interfere. *dom0 172.30.1.16* blade06:~# ping 172.30.1.81 PING 172.30.1.81 (172.30.1.81) 56(84) bytes of data. 64 bytes from 172.30.1.81: icmp_seq=1 ttl=64 time=0.898 ms ... blade06:~# ping 172.30.1.11 PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data. From 172.30.1.16 icmp_seq=1 Destination Host Unreachable ... blade06:~# arp -n Address HWtype HWaddress Flags Mask Iface 172.30.1.1 (incomplete) eth0 172.30.1.11 (incomplete) eth0 172.30.1.81 ether 00:16:3E:A4:65:F2 C eth0 *domU 172.30.1.81* test:~# ping 172.30.1.11 PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data. 64 bytes from 172.30.1.11: icmp_seq=1 ttl=64 time=0.603 ms ... test:~# ping 172.30.1.16 PING 172.30.1.16 (172.30.1.16) 56(84) bytes of data. 64 bytes from 172.30.1.16: icmp_seq=1 ttl=64 time=0.424 ms ... test:~# arp -n Address HWtype HWaddress Flags Mask Iface 172.30.1.11 ether 00:09:6B:B5:0D:90 C eth0 172.30.1.16 ether 00:14:5E:DA:3A:A2 C eth0 *external machine 172.30.1.11* * - 1st while pinging domU from dom0 (at 0.000000) * - 2nd while pinging ext mach from dom0 (at 41.160119 and after) blade01:~# tshark -i peth0 ether host 00:14:5e:da:3a:a2 Capturing on peth0 0.000000 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.81? Tell 172.30.1.16 41.160119 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell 172.30.1.16 41.160153 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at 00:09:6b:b5:0d:90 42.160092 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell 172.30.1.16 42.160114 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at 00:09:6b:b5:0d:90 43.160099 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell 172.30.1.16 43.160120 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at 00:09:6b:b5:0d:90 44.167066 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell 172.30.1.16 44.167089 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at 00:09:6b:b5:0d:90 45.164106 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell 172.30.1.16 45.164130 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at 00:09:6b:b5:0d:90 46.164119 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell 172.30.1.16 46.164141 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at 00:09:6b:b5:0d:90 49.240145 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.1? Tell 172.30.1.16 50.240151 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.1? Tell 172.30.1.16 51.240156 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.1? Tell 172.30.1.16 Fischer, Anna escribió:> No I think that is correct because Javier is using an old Xen version (3.0.3). What does your ARP table on Dom0 show? Does it have a binding for 172.30.1.81 (your external machine)? It looks as if your ARP requests from Dom0 do not reach the network, and so the ping request does not go out. > > >> -----Original Message----- >> From: xen-users-bounces@lists.xensource.com [mailto:xen-users- >> bounces@lists.xensource.com] On Behalf Of Dustin Henning >> Sent: 03 September 2008 17:48 >> To: ''Javier Merino''; xen-users@lists.xensource.com >> Subject: RE: [Xen-users] eth0 on dom0 not working on a bridged conf >> >> I think eth0 should be included under interfaces here: >> >> bridge name bridge id STP enabled interfaces >> xenbr0 8000.feffffffffff no vif0.0 >> peth0 >> vif3.0 >> >> The appropriate brctl command will add it to the bridge (not at a Linux >> machine to get you that command). This is because peth0 is the >> physical >> connection to the network and eth0 is where your address is assigned. >> This >> is the normal setup for older versions of xen, except eth0 should have >> been >> automatically added to the bridge during startup. On newer versions, >> xenbr0 >> is deprecated and eth0 is the bridge (which has the address assigned to >> itself). >> Dustin >> >> -----Original Message----- >> From: xen-users-bounces@lists.xensource.com >> [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Javier >> Merino >> Sent: Wednesday, September 03, 2008 12:20 >> To: xen-users@lists.xensource.com >> Subject: [Xen-users] eth0 on dom0 not working on a bridged conf >> >> Hi, >> >> I''ve installed xen 3.0.3 from packages (xen-linux-system) on a debian >> etch, and i''ve configured it with network-bridge script in the default >> way (netdev=eth0, bridge=xenbr0, etc...) which is ok for me. >> >> the problem I have: >> >> I cannot ping any outer machine from dom0 (nor any outer machine can >> ping me). It gives me a "Destination Host Unreachable" message that >> makes me think there is no arp response. >> >> other symptoms: >> >> I can ping from dom0 any domU''s I create... >> ... and from those domU''s I can ping dom0 and also the outer >> machines that I was unable to ping from dom0. => so, xenbr0 if working >> properly with peth0, vifX.0 (and eth0 on domU''s) >> >> Configuration looks fine in comparation with other xen 3.0 machines I >> have working. Here is a "/etc/xen/scripts/network-bridge status": >> >> ===========================================================>> 6: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue >> link/ether 00:14:5e:da:3a:a2 brd ff:ff:ff:ff:ff:ff >> inet 172.30.1.16/24 brd 172.30.1.255 scope global eth0 >> inet6 fe80::214:5eff:feda:3aa2/64 scope link >> valid_lft forever preferred_lft forever >> 13: xenbr0: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue >> link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff >> inet6 fe80::200:ff:fe00:0/64 scope link >> valid_lft forever preferred_lft forever >> >> bridge name bridge id STP enabled interfaces >> xenbr0 8000.feffffffffff no vif0.0 >> peth0 >> vif3.0 >> >> 172.30.1.0/24 dev eth0 proto kernel scope link src 172.30.1.16 >> default via 172.30.1.1 dev eth0 >> >> Kernel IP routing table >> Destination Gateway Genmask Flags Metric Ref Use >> Iface >> 172.30.1.0 0.0.0.0 255.255.255.0 U 0 0 0 >> eth0 >> 0.0.0.0 172.30.1.1 0.0.0.0 UG 0 0 0 >> eth0 >> ===========================================================>> >> >> If I manually "/etc/xen/scripts/network-bridge stop", eth0 begins >> working correctly with the exterior (I can ping, ssh, outer machines >> and >> viceversa). >> >> dmesg, xend.log and xen-debug.log looks fine for me, but I may missed >> up something . >> >> I''ve installed tshark to test the communications when network-bridge >> is up, but my knowledge is not enough to understand what''s happening. >> I''ll send the output of whatever you ask me. >> >> Thanks if anyone can help. I am lost after trying almost my best. >> >> _______________________________________________ >> Xen-users mailing list >> Xen-users@lists.xensource.com >> http://lists.xensource.com/xen-users >> >> >> >> _______________________________________________ >> Xen-users mailing list >> Xen-users@lists.xensource.com >> http://lists.xensource.com/xen-users >> > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users >_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Javier Merino
2008-Sep-04 11:32 UTC
Re: [Xen-users] eth0 on dom0 not working on a bridged conf
I''m still with the same problem, but I know better what is not working. It is not just arp packets, but all incoming ethernet traffic to eth0 en dom0. If I enforce arp to bind the mac addr to the ip addr, dom0 sends the ping, the external host replies to the ping, but the reply is never seen at dom0. *this is what I see from the external host with tshark when dom0 pings it* 9895.649694 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request 9895.649754 172.30.1.11 -> 172.30.1.16 ICMP Echo (ping) reply *this is how I have enforced arp, and how ping is sent and echo received from domU 172.30.1.81, * *but not from the external host 172.30.1.11* blade06:~/debug# arp -n blade06:~/debug# tshark -i eth0 ether host 00:14:5e:da:3a:a2 & [1] 3944 blade06:~/debug# Capturing on eth0 blade06:~/debug# ping -c 1 172.30.1.11 PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data. 0.000000 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell 172.30.1.16 1.000062 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell 172.30.1.16 2.000121 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell 172.30.1.16 From 172.30.1.16 icmp_seq=1 Destination Host Unreachable --- 172.30.1.11 ping statistics --- 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms blade06:~/debug# arp -n blade06:~/debug# ping -c 1 172.30.1.81 PING 172.30.1.81 (172.30.1.81) 56(84) bytes of data. 26.529660 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.81? Tell 172.30.1.16 64 bytes from 172.30.1.81: icmp_seq=1 ttl=64 time=0.568 ms --- 172.30.1.81 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.568/0.568/0.568/0.000 ms 26.529773 Xensourc_a4:65:f2 -> Ibm_da:3a:a2 ARP 172.30.1.81 is at 00:16:3e:a4:65:f2 26.529785 172.30.1.16 -> 172.30.1.81 ICMP Echo (ping) request 26.529868 172.30.1.81 -> 172.30.1.16 ICMP Echo (ping) reply blade06:~/debug# 31.528379 Xensourc_a4:65:f2 -> Ibm_da:3a:a2 ARP Who has 172.30.1.16? Tell 172.30.1.81 31.528389 Ibm_da:3a:a2 -> Xensourc_a4:65:f2 ARP 172.30.1.16 is at 00:14:5e:da:3a:a2 blade06:~/debug# arp -n Address HWtype HWaddress Flags Mask Iface 172.30.1.81 ether 00:16:3E:A4:65:F2 C eth0 blade06:~/debug# arp --set 172.30.1.11 00:09:6b:b5:0d:90 blade06:~/debug# arp -n Address HWtype HWaddress Flags Mask Iface 172.30.1.81 ether 00:16:3E:A4:65:F2 C eth0 172.30.1.11 ether 00:09:6B:B5:0D:90 CM eth0 blade06:~/debug# ping -c 1 172.30.1.11 PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data. 188.243727 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request --- 172.30.1.11 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms blade06:~/debug# Javier Merino escribió:> You are right Anna(except that my external machine is 172.30.1.11): > arp tables in dom0 has not binding for the external machine > (172.30.1.11) while it has for domU (172.30.1.81). > > But my external machine ''can see'' the arp packets sent from dom0 and > is replying to them. So arp-request packets are going out the bridge, > but arp-response packets seems not to be going back from the bridge > xenbr0. I''m not sure about this. > > Thank you both. > > NOTES: > Dustin: the other set up I have with xen 3.0 has the same brctl > configuration. I suppose it is the 3.0 conf as Anna said. > I have not setup an interface for ''default router'' 172.30.1.1 at my > router, but I think this should not interfere. > > *dom0 172.30.1.16* > blade06:~# ping 172.30.1.81 > PING 172.30.1.81 (172.30.1.81) 56(84) bytes of data. > 64 bytes from 172.30.1.81: icmp_seq=1 ttl=64 time=0.898 ms > ... > blade06:~# ping 172.30.1.11 > PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data. > From 172.30.1.16 icmp_seq=1 Destination Host Unreachable > ... > blade06:~# arp -n > Address HWtype HWaddress Flags > Mask Iface > 172.30.1.1 > (incomplete) eth0 > 172.30.1.11 > (incomplete) eth0 > 172.30.1.81 ether 00:16:3E:A4:65:F2 > C eth0 > > *domU 172.30.1.81* > test:~# ping 172.30.1.11 > PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data. > 64 bytes from 172.30.1.11: icmp_seq=1 ttl=64 time=0.603 ms > ... > test:~# ping 172.30.1.16 > PING 172.30.1.16 (172.30.1.16) 56(84) bytes of data. > 64 bytes from 172.30.1.16: icmp_seq=1 ttl=64 time=0.424 ms > ... > test:~# arp -n > Address HWtype HWaddress Flags > Mask Iface > 172.30.1.11 ether 00:09:6B:B5:0D:90 > C eth0 > 172.30.1.16 ether 00:14:5E:DA:3A:A2 > C eth0 > > *external machine 172.30.1.11* > * - 1st while pinging domU from dom0 (at 0.000000) > * - 2nd while pinging ext mach from dom0 (at 41.160119 and after) > blade01:~# tshark -i peth0 ether host 00:14:5e:da:3a:a2 > Capturing on peth0 > 0.000000 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.81? Tell > 172.30.1.16 > 41.160119 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > 172.30.1.16 > 41.160153 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > 00:09:6b:b5:0d:90 > 42.160092 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > 172.30.1.16 > 42.160114 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > 00:09:6b:b5:0d:90 > 43.160099 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > 172.30.1.16 > 43.160120 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > 00:09:6b:b5:0d:90 > 44.167066 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > 172.30.1.16 > 44.167089 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > 00:09:6b:b5:0d:90 > 45.164106 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > 172.30.1.16 > 45.164130 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > 00:09:6b:b5:0d:90 > 46.164119 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > 172.30.1.16 > 46.164141 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > 00:09:6b:b5:0d:90 > 49.240145 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.1? Tell > 172.30.1.16 > 50.240151 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.1? Tell > 172.30.1.16 > 51.240156 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.1? Tell > 172.30.1.16 > > Fischer, Anna escribió: >> No I think that is correct because Javier is using an old Xen version >> (3.0.3). What does your ARP table on Dom0 show? Does it have a >> binding for 172.30.1.81 (your external machine)? It looks as if your >> ARP requests from Dom0 do not reach the network, and so the ping >> request does not go out. >> >> >>> -----Original Message----- >>> From: xen-users-bounces@lists.xensource.com [mailto:xen-users- >>> bounces@lists.xensource.com] On Behalf Of Dustin Henning >>> Sent: 03 September 2008 17:48 >>> To: ''Javier Merino''; xen-users@lists.xensource.com >>> Subject: RE: [Xen-users] eth0 on dom0 not working on a bridged conf >>> >>> I think eth0 should be included under interfaces here: >>> >>> bridge name bridge id STP enabled interfaces >>> xenbr0 8000.feffffffffff no vif0.0 >>> peth0 >>> vif3.0 >>> >>> The appropriate brctl command will add it to the bridge (not at a Linux >>> machine to get you that command). This is because peth0 is the >>> physical >>> connection to the network and eth0 is where your address is assigned. >>> This >>> is the normal setup for older versions of xen, except eth0 should have >>> been >>> automatically added to the bridge during startup. On newer versions, >>> xenbr0 >>> is deprecated and eth0 is the bridge (which has the address assigned to >>> itself). >>> Dustin >>> >>> -----Original Message----- >>> From: xen-users-bounces@lists.xensource.com >>> [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Javier >>> Merino >>> Sent: Wednesday, September 03, 2008 12:20 >>> To: xen-users@lists.xensource.com >>> Subject: [Xen-users] eth0 on dom0 not working on a bridged conf >>> >>> Hi, >>> >>> I''ve installed xen 3.0.3 from packages (xen-linux-system) on a debian >>> etch, and i''ve configured it with network-bridge script in the default >>> way (netdev=eth0, bridge=xenbr0, etc...) which is ok for me. >>> >>> the problem I have: >>> >>> I cannot ping any outer machine from dom0 (nor any outer machine can >>> ping me). It gives me a "Destination Host Unreachable" message that >>> makes me think there is no arp response. >>> >>> other symptoms: >>> >>> I can ping from dom0 any domU''s I create... >>> ... and from those domU''s I can ping dom0 and also the outer >>> machines that I was unable to ping from dom0. => so, xenbr0 if working >>> properly with peth0, vifX.0 (and eth0 on domU''s) >>> >>> Configuration looks fine in comparation with other xen 3.0 machines I >>> have working. Here is a "/etc/xen/scripts/network-bridge status": >>> >>> ===========================================================>>> 6: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue >>> link/ether 00:14:5e:da:3a:a2 brd ff:ff:ff:ff:ff:ff >>> inet 172.30.1.16/24 brd 172.30.1.255 scope global eth0 >>> inet6 fe80::214:5eff:feda:3aa2/64 scope link >>> valid_lft forever preferred_lft forever >>> 13: xenbr0: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue >>> link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff >>> inet6 fe80::200:ff:fe00:0/64 scope link >>> valid_lft forever preferred_lft forever >>> >>> bridge name bridge id STP enabled interfaces >>> xenbr0 8000.feffffffffff no vif0.0 >>> peth0 >>> vif3.0 >>> >>> 172.30.1.0/24 dev eth0 proto kernel scope link src 172.30.1.16 >>> default via 172.30.1.1 dev eth0 >>> >>> Kernel IP routing table >>> Destination Gateway Genmask Flags Metric Ref Use >>> Iface >>> 172.30.1.0 0.0.0.0 255.255.255.0 U 0 0 0 >>> eth0 >>> 0.0.0.0 172.30.1.1 0.0.0.0 UG 0 0 0 >>> eth0 >>> ===========================================================>>> >>> >>> If I manually "/etc/xen/scripts/network-bridge stop", eth0 begins >>> working correctly with the exterior (I can ping, ssh, outer machines >>> and >>> viceversa). >>> >>> dmesg, xend.log and xen-debug.log looks fine for me, but I may missed >>> up something . >>> >>> I''ve installed tshark to test the communications when network-bridge >>> is up, but my knowledge is not enough to understand what''s happening. >>> I''ll send the output of whatever you ask me. >>> >>> Thanks if anyone can help. I am lost after trying almost my best. >>> >>> _______________________________________________ >>> Xen-users mailing list >>> Xen-users@lists.xensource.com >>> http://lists.xensource.com/xen-users >>> >>> >>> >>> _______________________________________________ >>> Xen-users mailing list >>> Xen-users@lists.xensource.com >>> http://lists.xensource.com/xen-users >>> >> >> _______________________________________________ >> Xen-users mailing list >> Xen-users@lists.xensource.com >> http://lists.xensource.com/xen-users >> > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Fischer, Anna
2008-Sep-04 13:25 UTC
RE: [Xen-users] eth0 on dom0 not working on a bridged conf
I am not sure. If you don''t see any packets it is always worth checking if iptables is dropping packets. How does your "iptables -L" look like? I think there have been many issue with networking on several distributions with the older Xen version. Maybe it''d be worth a try to upgrade to a newer Xen version?> -----Original Message----- > From: Javier Merino [mailto:jmerino@iib.uam.es] > Sent: 04 September 2008 12:32 > To: Fischer, Anna > Cc: Dustin.Henning@prd-inc.com; xen-users@lists.xensource.com > Subject: Re: [Xen-users] eth0 on dom0 not working on a bridged conf > > I''m still with the same problem, but I know better what is not working. > > It is not just arp packets, but all incoming ethernet traffic to eth0 > en > dom0. > > If I enforce arp to bind the mac addr to the ip addr, dom0 sends the > ping, the external host replies to the ping, but the reply is never > seen > at dom0. > > *this is what I see from the external host with tshark when dom0 pings > it* > 9895.649694 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request > 9895.649754 172.30.1.11 -> 172.30.1.16 ICMP Echo (ping) reply > > > *this is how I have enforced arp, and how ping is sent and echo > received > from domU 172.30.1.81, * > *but not from the external host 172.30.1.11* > > blade06:~/debug# arp -n > blade06:~/debug# tshark -i eth0 ether host 00:14:5e:da:3a:a2 & > [1] 3944 > blade06:~/debug# Capturing on eth0 > > blade06:~/debug# ping -c 1 172.30.1.11 > PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data. > 0.000000 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > 172.30.1.16 > 1.000062 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > 172.30.1.16 > 2.000121 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > 172.30.1.16 > From 172.30.1.16 icmp_seq=1 Destination Host Unreachable > > --- 172.30.1.11 ping statistics --- > 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time > 0ms > > blade06:~/debug# arp -n > blade06:~/debug# ping -c 1 172.30.1.81 > PING 172.30.1.81 (172.30.1.81) 56(84) bytes of data. > 26.529660 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.81? Tell > 172.30.1.16 > 64 bytes from 172.30.1.81: icmp_seq=1 ttl=64 time=0.568 ms > > --- 172.30.1.81 ping statistics --- > 1 packets transmitted, 1 received, 0% packet loss, time 0ms > rtt min/avg/max/mdev = 0.568/0.568/0.568/0.000 ms > 26.529773 Xensourc_a4:65:f2 -> Ibm_da:3a:a2 ARP 172.30.1.81 is at > 00:16:3e:a4:65:f2 > 26.529785 172.30.1.16 -> 172.30.1.81 ICMP Echo (ping) request > 26.529868 172.30.1.81 -> 172.30.1.16 ICMP Echo (ping) reply > blade06:~/debug# 31.528379 Xensourc_a4:65:f2 -> Ibm_da:3a:a2 ARP Who > has 172.30.1.16? Tell 172.30.1.81 > 31.528389 Ibm_da:3a:a2 -> Xensourc_a4:65:f2 ARP 172.30.1.16 is at > 00:14:5e:da:3a:a2 > > blade06:~/debug# arp -n > Address HWtype HWaddress Flags > Mask Iface > 172.30.1.81 ether 00:16:3E:A4:65:F2 > C eth0 > blade06:~/debug# arp --set 172.30.1.11 00:09:6b:b5:0d:90 > blade06:~/debug# arp -n > Address HWtype HWaddress Flags > Mask Iface > 172.30.1.81 ether 00:16:3E:A4:65:F2 > C eth0 > 172.30.1.11 ether 00:09:6B:B5:0D:90 > CM eth0 > blade06:~/debug# ping -c 1 172.30.1.11 > PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data. > 188.243727 172.30.1.16 -> 172.30.1.11 ICMP Echo (ping) request > > --- 172.30.1.11 ping statistics --- > 1 packets transmitted, 0 received, 100% packet loss, time 0ms > > blade06:~/debug# > > > Javier Merino escribió: > > You are right Anna(except that my external machine is 172.30.1.11): > > arp tables in dom0 has not binding for the external machine > > (172.30.1.11) while it has for domU (172.30.1.81). > > > > But my external machine ''can see'' the arp packets sent from dom0 and > > is replying to them. So arp-request packets are going out the bridge, > > but arp-response packets seems not to be going back from the bridge > > xenbr0. I''m not sure about this. > > > > Thank you both. > > > > NOTES: > > Dustin: the other set up I have with xen 3.0 has the same brctl > > configuration. I suppose it is the 3.0 conf as Anna said. > > I have not setup an interface for ''default router'' 172.30.1.1 at my > > router, but I think this should not interfere. > > > > *dom0 172.30.1.16* > > blade06:~# ping 172.30.1.81 > > PING 172.30.1.81 (172.30.1.81) 56(84) bytes of data. > > 64 bytes from 172.30.1.81: icmp_seq=1 ttl=64 time=0.898 ms > > ... > > blade06:~# ping 172.30.1.11 > > PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data. > > From 172.30.1.16 icmp_seq=1 Destination Host Unreachable > > ... > > blade06:~# arp -n > > Address HWtype HWaddress Flags > > Mask Iface > > 172.30.1.1 > > (incomplete) eth0 > > 172.30.1.11 > > (incomplete) eth0 > > 172.30.1.81 ether 00:16:3E:A4:65:F2 > > C eth0 > > > > *domU 172.30.1.81* > > test:~# ping 172.30.1.11 > > PING 172.30.1.11 (172.30.1.11) 56(84) bytes of data. > > 64 bytes from 172.30.1.11: icmp_seq=1 ttl=64 time=0.603 ms > > ... > > test:~# ping 172.30.1.16 > > PING 172.30.1.16 (172.30.1.16) 56(84) bytes of data. > > 64 bytes from 172.30.1.16: icmp_seq=1 ttl=64 time=0.424 ms > > ... > > test:~# arp -n > > Address HWtype HWaddress Flags > > Mask Iface > > 172.30.1.11 ether 00:09:6B:B5:0D:90 > > C eth0 > > 172.30.1.16 ether 00:14:5E:DA:3A:A2 > > C eth0 > > > > *external machine 172.30.1.11* > > * - 1st while pinging domU from dom0 (at 0.000000) > > * - 2nd while pinging ext mach from dom0 (at 41.160119 and after) > > blade01:~# tshark -i peth0 ether host 00:14:5e:da:3a:a2 > > Capturing on peth0 > > 0.000000 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.81? Tell > > 172.30.1.16 > > 41.160119 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > > 172.30.1.16 > > 41.160153 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > > 00:09:6b:b5:0d:90 > > 42.160092 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > > 172.30.1.16 > > 42.160114 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > > 00:09:6b:b5:0d:90 > > 43.160099 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > > 172.30.1.16 > > 43.160120 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > > 00:09:6b:b5:0d:90 > > 44.167066 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > > 172.30.1.16 > > 44.167089 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > > 00:09:6b:b5:0d:90 > > 45.164106 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > > 172.30.1.16 > > 45.164130 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > > 00:09:6b:b5:0d:90 > > 46.164119 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.11? Tell > > 172.30.1.16 > > 46.164141 Ibm_b5:0d:90 -> Ibm_da:3a:a2 ARP 172.30.1.11 is at > > 00:09:6b:b5:0d:90 > > 49.240145 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.1? Tell > > 172.30.1.16 > > 50.240151 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.1? Tell > > 172.30.1.16 > > 51.240156 Ibm_da:3a:a2 -> Broadcast ARP Who has 172.30.1.1? Tell > > 172.30.1.16 > > > > Fischer, Anna escribió: > >> No I think that is correct because Javier is using an old Xen > version > >> (3.0.3). What does your ARP table on Dom0 show? Does it have a > >> binding for 172.30.1.81 (your external machine)? It looks as if your > >> ARP requests from Dom0 do not reach the network, and so the ping > >> request does not go out. > >> > >> > >>> -----Original Message----- > >>> From: xen-users-bounces@lists.xensource.com [mailto:xen-users- > >>> bounces@lists.xensource.com] On Behalf Of Dustin Henning > >>> Sent: 03 September 2008 17:48 > >>> To: ''Javier Merino''; xen-users@lists.xensource.com > >>> Subject: RE: [Xen-users] eth0 on dom0 not working on a bridged conf > >>> > >>> I think eth0 should be included under interfaces here: > >>> > >>> bridge name bridge id STP enabled interfaces > >>> xenbr0 8000.feffffffffff no vif0.0 > >>> peth0 > >>> vif3.0 > >>> > >>> The appropriate brctl command will add it to the bridge (not at a > Linux > >>> machine to get you that command). This is because peth0 is the > >>> physical > >>> connection to the network and eth0 is where your address is > assigned. > >>> This > >>> is the normal setup for older versions of xen, except eth0 should > have > >>> been > >>> automatically added to the bridge during startup. On newer > versions, > >>> xenbr0 > >>> is deprecated and eth0 is the bridge (which has the address > assigned to > >>> itself). > >>> Dustin > >>> > >>> -----Original Message----- > >>> From: xen-users-bounces@lists.xensource.com > >>> [mailto:xen-users-bounces@lists.xensource.com] On Behalf Of Javier > >>> Merino > >>> Sent: Wednesday, September 03, 2008 12:20 > >>> To: xen-users@lists.xensource.com > >>> Subject: [Xen-users] eth0 on dom0 not working on a bridged conf > >>> > >>> Hi, > >>> > >>> I''ve installed xen 3.0.3 from packages (xen-linux-system) on a > debian > >>> etch, and i''ve configured it with network-bridge script in the > default > >>> way (netdev=eth0, bridge=xenbr0, etc...) which is ok for me. > >>> > >>> the problem I have: > >>> > >>> I cannot ping any outer machine from dom0 (nor any outer machine > can > >>> ping me). It gives me a "Destination Host Unreachable" message that > >>> makes me think there is no arp response. > >>> > >>> other symptoms: > >>> > >>> I can ping from dom0 any domU''s I create... > >>> ... and from those domU''s I can ping dom0 and also the outer > >>> machines that I was unable to ping from dom0. => so, xenbr0 if > working > >>> properly with peth0, vifX.0 (and eth0 on domU''s) > >>> > >>> Configuration looks fine in comparation with other xen 3.0 > machines I > >>> have working. Here is a "/etc/xen/scripts/network-bridge status": > >>> > >>> ===========================================================> >>> 6: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue > >>> link/ether 00:14:5e:da:3a:a2 brd ff:ff:ff:ff:ff:ff > >>> inet 172.30.1.16/24 brd 172.30.1.255 scope global eth0 > >>> inet6 fe80::214:5eff:feda:3aa2/64 scope link > >>> valid_lft forever preferred_lft forever > >>> 13: xenbr0: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue > >>> link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff > >>> inet6 fe80::200:ff:fe00:0/64 scope link > >>> valid_lft forever preferred_lft forever > >>> > >>> bridge name bridge id STP enabled interfaces > >>> xenbr0 8000.feffffffffff no vif0.0 > >>> peth0 > >>> vif3.0 > >>> > >>> 172.30.1.0/24 dev eth0 proto kernel scope link src 172.30.1.16 > >>> default via 172.30.1.1 dev eth0 > >>> > >>> Kernel IP routing table > >>> Destination Gateway Genmask Flags Metric Ref > Use > >>> Iface > >>> 172.30.1.0 0.0.0.0 255.255.255.0 U 0 0 > 0 > >>> eth0 > >>> 0.0.0.0 172.30.1.1 0.0.0.0 UG 0 0 > 0 > >>> eth0 > >>> ===========================================================> >>> > >>> > >>> If I manually "/etc/xen/scripts/network-bridge stop", eth0 > begins > >>> working correctly with the exterior (I can ping, ssh, outer > machines > >>> and > >>> viceversa). > >>> > >>> dmesg, xend.log and xen-debug.log looks fine for me, but I may > missed > >>> up something . > >>> > >>> I''ve installed tshark to test the communications when network- > bridge > >>> is up, but my knowledge is not enough to understand what''s > happening. > >>> I''ll send the output of whatever you ask me. > >>> > >>> Thanks if anyone can help. I am lost after trying almost my best. > >>> > >>> _______________________________________________ > >>> Xen-users mailing list > >>> Xen-users@lists.xensource.com > >>> http://lists.xensource.com/xen-users > >>> > >>> > >>> > >>> _______________________________________________ > >>> Xen-users mailing list > >>> Xen-users@lists.xensource.com > >>> http://lists.xensource.com/xen-users > >>> > >> > >> _______________________________________________ > >> Xen-users mailing list > >> Xen-users@lists.xensource.com > >> http://lists.xensource.com/xen-users > >> > > > > > > _______________________________________________ > > Xen-users mailing list > > Xen-users@lists.xensource.com > > http://lists.xensource.com/xen-users_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users