I''m trying to use Xen in the following way and having a real problem getting it to work. What I''m using Xen for is to run both production and development web servers, a database server, and a mail server on different DomU''s. All of them obviously need some type of web access, if only for system patching. What I would like to do is use DomU-only networking between the web and database servers in addition to the publicly accessible ip addresses for those servers. Is this possible? So far all my attempts at it have failed. I can successfully set up two publicly available ip addresses on the DomU''s using separate NICs on Dom0, but any time I try using a single NIC and a purely virtual network on the DomU''s the DomU''s lose all networking capability. Interfaces that were reachable from other physical machines are no longer pingable and report they are disconnected from the network from inside the DomU itself. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Tue, Feb 17, 2009 at 5:30 AM, Gary Koskenmaki <garyk@skilltran.net> wrote:> I''m trying to use Xen in the following way and having a real problem > getting it to work.> Is this possible? So far all my attempts at it have failed. I can > successfully set up two publicly available ip addresses on the DomU''s > using separate NICs on Dom0, but any time I try using a single NIC and a > purely virtual network on the DomU''s the DomU''s lose all networkingWhat distro do you use? RHEL/Centos should include libvirtd by default, which creates the bridge virbr0. This is similar to VMWare''s NAT network setup. You simply need to assign domU to virbr0 bridge. In my case, I prefer to do all bridge setup using RHEL''s method (/etc/sysconfig/network-scripts/ifcfg-br*), and disabling xend''s network-script. It makes it easier to create complex network setup (bridged + vlan, guest only, etc.) Regards, Fajar _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Tue, 2009-02-17 at 09:57 +0700, Fajar A. Nugraha wrote:> On Tue, Feb 17, 2009 at 5:30 AM, Gary Koskenmaki <garyk@skilltran.net> wrote: > > I''m trying to use Xen in the following way and having a real problem > > getting it to work. > > > Is this possible? So far all my attempts at it have failed. I can > > successfully set up two publicly available ip addresses on the DomU''s > > using separate NICs on Dom0, but any time I try using a single NIC and a > > purely virtual network on the DomU''s the DomU''s lose all networking > > What distro do you use?I''m running Debian, Lenny, to be specific. I''m using only the tools that come as Debian packages, and I''m creating the DomU''s with xen-tools. I''m glad to hear that this should at least be possible. I figured it should be, but was beginning to wonder. The version of Xen that is in the Lenny repositories is 3.2. As far as your reference to libvirtd is concerned Lenny has a few libvirt packages, none of which I have installed, and they areall libraries to executable programs, per se, I do have a package named Convirt installed, which came out of unstable, and it''s used for creating virtual machines in Xen. From what I''ve seen of it playing around with it, it''s just as easy to use xen-tools though and I haven''t see anything there about creating network connections with it. There is a Debian package called virtinst whose home page is from RedHat. Here''s the output from apt-cache show virtinst. Is this the same as the libvirtd package that you''re talking about? $ apt-cache show virtinst Package: virtinst Priority: extra Section: admin Installed-Size: 768 Maintainer: Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org> Architecture: all Version: 0.400.0-7 Depends: python (>= 2.4), python-support (>= 0.7.1), python-libvirt (>0.4.6), python-libxml2, python-urlgrabber Recommends: virt-viewer, qemu Filename: pool/main/v/virtinst/virtinst_0.400.0-7_all.deb Size: 186600 MD5sum: 27af52c00b5454374a5e20f7990356c3 SHA1: 2484e3942aac45f2e019ec9dde1c6b801381ace6 SHA256: ca8a686a507a21d7b933a4033f7c6cd92e29578bdadb830b5ab88124c6f09d87 Description: Programs to create and clone virtual machines Virtinst is a set of commandline tools to create virtual machines using libvirt: . virt-install: provision new virtual machines virt-clone: clone existing virtual machines virt-image: create virtual machines from an image description virt-convert: convert virtual machines between formats Homepage: http://virt-manager.et.redhat.com/ Tag: admin::virtualization, implemented-in::python, role::program> RHEL/Centos should include libvirtd by default, which creates the > bridge virbr0. This is similar to VMWare''s NAT network setup. You > simply need to assign domU to virbr0 bridge. > > In my case, I prefer to do all bridge setup using RHEL''s method > (/etc/sysconfig/network-scripts/ifcfg-br*), and disabling xend''s > network-script. It makes it easier to create complex network setup > (bridged + vlan, guest only, etc.) > > Regards, > > Fajar > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Tue, Feb 17, 2009 at 10:48 AM, Gary Koskenmaki <garyk@skilltran.net> wrote:>> What distro do you use? > I''m running Debian, Lenny, to be specific. I''m using only the tools > that come as Debian packages, and I''m creating the DomU''s with > xen-tools.In that case I''d actually suggest you create your own bridge. Something like this on /etc/network/interfaces (tested on Ubuntu Intrepid), and set domUs to use brtest bridge. auto brtest iface brtest inet manual pre-up brctl addbr brtest post-down ifconfig brtest down post-down brctl delbr brtest This will create a real guest-only network on brtest, as in dom0 can''t access domU via that network and vice-versa. Here''s another example auto brtest iface brtest inet static address 10.0.0.1 netmask 255.255.255.0 pre-up brctl addbr brtest post-down ifconfig brtest down post-down brctl delbr brtest This way dom0 uses ip address 10.0.0.1/24, and if you put domU on the same subnet it will be able to communicate with dom0. Regards, Fajar _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Tue, 2009-02-17 at 11:19 +0700, Fajar A. Nugraha wrote:> On Tue, Feb 17, 2009 at 10:48 AM, Gary Koskenmaki <garyk@skilltran.net> wrote: > >> What distro do you use? > > I''m running Debian, Lenny, to be specific. I''m using only the tools > > that come as Debian packages, and I''m creating the DomU''s with > > xen-tools.First, thanks for your replies. I appreciate your help. I''d already been doing all of this to start with. I just couldn''t get the corresponding network interfaces in the DomU''s to be created. I finally figured part of this out just seeing that you were telling me to do the same things I''d already been doing. That made me look elsewhere because I thought I''d been doing something wrong in this area. It turns out I just needed to use "xm network-attach domain.name ip=xxx.xxx.xxx.xxx bridge=bridge_name" to create the extra interface in the DomU''s, and then do an ifup on that interface. So far, so good. However, bringing up this second interface (eth1) in the DomU creates a problem for the existing eth0. There is now no network connectivity to or from eth0. ifconfig shows both interfaces as being configured and if I do an ifup on eth0 it is reported as already configured. I can ping eth0''s ip address from within the DomU but that''s it. As soon as I manually detach the eth1 network from the DomU using "xm network-detach domain.name device_id" the default network interface, eth0, begins to function again as it should.> > In that case I''d actually suggest you create your own bridge. > Something like this on /etc/network/interfaces (tested on Ubuntu > Intrepid), and set domUs to use brtest bridge. > > auto brtest > iface brtest inet manual > pre-up brctl addbr brtest > post-down ifconfig brtest down > post-down brctl delbr brtest > This will create a real guest-only network on brtest, as in dom0 can''t > access domU via that network and vice-versa. Here''s another example > > auto brtest > iface brtest inet static > address 10.0.0.1 > netmask 255.255.255.0 > pre-up brctl addbr brtest > post-down ifconfig brtest down > post-down brctl delbr brtest > > This way dom0 uses ip address 10.0.0.1/24, and if you put domU on the > same subnet it will be able to communicate with dom0. > Regards, > > Fajar > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Tue, Feb 17, 2009 at 2:48 PM, Gary Koskenmaki <garyk@skilltran.net> wrote:> It turns out I just needed to use "xm network-attach domain.name > ip=xxx.xxx.xxx.xxx bridge=bridge_name" to create the extra interface in > the DomU''s, and then do an ifup on that interface.Ah, so your problem is on domU side :) Here''s what might help : (1) Assign both domU''s NIC from the start on domU config file, put static MAC on them. Something like vif = [ ''mac=00:16:3E:EC:C4:6A, bridge=br1'', ''mac=00:16:3E:EC:C4:6B, bridge=br2'', ] If you rather use "xm network-attach", be sure to specifiy the "mac" option.>From your command above I see that you''re not using a static MAC,which may cause a problem. (2) Do NOT assign IP address on domU config file (or in your case, xm network-attach). Simply use normal method of assigning IP address (on Debian it would be domU''s /etc/network/interfaces). What is the contents of your domU''s /etc/network/interfaces? What does "ifconfig -a" shows on your domU? What is the contents of /etc/udev/rules.d/70-persistent-net.rules (or similar) on domU? _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Tue, 2009-02-17 at 14:58 +0700, Fajar A. Nugraha wrote:> On Tue, Feb 17, 2009 at 2:48 PM, Gary Koskenmaki <garyk@skilltran.net> wrote: > > It turns out I just needed to use "xm network-attach domain.name > > ip=xxx.xxx.xxx.xxx bridge=bridge_name" to create the extra interface in > > the DomU''s, and then do an ifup on that interface. > > Ah, so your problem is on domU side :) > Here''s what might help : > (1) Assign both domU''s NIC from the start on domU config file, put > static MAC on them. Something like > > vif = [ > ''mac=00:16:3E:EC:C4:6A, bridge=br1'', > ''mac=00:16:3E:EC:C4:6B, bridge=br2'', > ] > > If you rather use "xm network-attach", be sure to specifiy the "mac" option. > >From your command above I see that you''re not using a static MAC, > which may cause a problem. > > (2) Do NOT assign IP address on domU config file (or in your case, xm > network-attach). Simply use normal method of assigning IP address (on > Debian it would be domU''s /etc/network/interfaces). What is the > contents of your domU''s /etc/network/interfaces? What does "ifconfig > -a" shows on your domU? What is the contents of > /etc/udev/rules.d/70-persistent-net.rules (or similar) on domU? > > ____Fajar, you da man. Thanks for all your help. I had two issues that were keeping me from getting networking working the way I wanted it to and you solved both. The vif = line hadn''t worked for me because the examples I had seen of using two interfaces there had either used dynamic mac address creation or had typos in them that used single quotes at only the beginning of the first interface and the end of the second interface. Manually assigning mac addresses and adding the two extra single quote marks that differentiate the two interfaces solved all the xen networking issues I have experienced. Thanks once again for all your help.> __________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users