Hi,
xen 3.4.1 - several domUs - bridged networking.
1) domU has not been MAC assigned in cfg file. Running for several
months without problem.
Now domu has been shutdown. After starting again, vif MAC has been
randomly created new.
Domu cannot communicate with gate - can ping only host IP and IPs
of domU which are on the same host.
Located previous vif MAC in xend.log and assigned it to domu cfg
file - communication works without problem.
2) domU vif MAC cannot be changed
3) in the past we copied one domU accidentally including MAC address.
Both original and copy domu cannot
communicate with outside world with any MAC address other then the original.
4) the problem is totaly associated to MAC address allocation. There
is no problem to change IP address of "working domU".
Any help greatly appreciated.
Thank you
Peter
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
Peter Braun wrote:>xen 3.4.1 - several domUs - bridged networking. > >1) domU has not been MAC assigned in cfg file. Running for several >months without problem. > Now domu has been shutdown. After starting again, vif MAC has been >randomly created new. > Domu cannot communicate with gate - can ping only host IP and IPs >of domU which are on the same host. > Located previous vif MAC in xend.log and assigned it to domu cfg >file - communication works without problem. > >2) domU vif MAC cannot be changed > >3) in the past we copied one domU accidentally including MAC address. >Both original and copy domu cannot > communicate with outside world with any MAC address other then >the original. > >4) the problem is totaly associated to MAC address allocation. There >is no problem to change IP address of "working domU".The problem is likely to be ARP caching. Devices will cache MAC-IP pairs for some time so as to avoid having to keep making ARP requests. Different systems will behave differently in terms of how long they cache entries for, and whether they''ll update the table based on unsolicited packets received. Another possible cause is switches. I believe some of these will snoop traffic and cache IP-MAC pairs as a security measure - blocking packets from what they perceive as ''rogue'' devices with a different MAC address. Also, are you running any packet filtering on Dom0 ? The first thing I''d do is look at the ARP table on a host you can''t communicate with - and delete any stale entries. If that doesn''t work, then it''s time to fire up a packet sniffer and see what packets are getting where. At work I have the reverse problem - if we move a device, then the HP switches won''t forget the old MAC-Port pairing until it times out (5 mins by default) and so the minimum outage when moving something is 5 minutes without going into the switches and fiddling. -- Simon Hobson Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed author Gladys Hobson. Novels - poetry - short stories - ideal as Christmas stocking fillers. Some available as e-books. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Solved. The problem was " enabled port security" on switch. Br Peter 2010/3/30 Simon Hobson <linux@thehobsons.co.uk>:> Peter Braun wrote: > >> xen 3.4.1 - several domUs - bridged networking. >> >> 1) domU has not been MAC assigned in cfg file. Running for several >> months without problem. >> Now domu has been shutdown. After starting again, vif MAC has been >> randomly created new. >> Domu cannot communicate with gate - can ping only host IP and IPs >> of domU which are on the same host. >> Located previous vif MAC in xend.log and assigned it to domu cfg >> file - communication works without problem. >> >> 2) domU vif MAC cannot be changed >> >> 3) in the past we copied one domU accidentally including MAC address. >> Both original and copy domu cannot >> communicate with outside world with any MAC address other then the >> original. >> >> 4) the problem is totaly associated to MAC address allocation. There >> is no problem to change IP address of "working domU". > > The problem is likely to be ARP caching. Devices will cache MAC-IP pairs for > some time so as to avoid having to keep making ARP requests. Different > systems will behave differently in terms of how long they cache entries for, > and whether they''ll update the table based on unsolicited packets received. > > Another possible cause is switches. I believe some of these will snoop > traffic and cache IP-MAC pairs as a security measure - blocking packets from > what they perceive as ''rogue'' devices with a different MAC address. > > Also, are you running any packet filtering on Dom0 ? > > > The first thing I''d do is look at the ARP table on a host you can''t > communicate with - and delete any stale entries. If that doesn''t work, then > it''s time to fire up a packet sniffer and see what packets are getting > where. > > > At work I have the reverse problem - if we move a device, then the HP > switches won''t forget the old MAC-Port pairing until it times out (5 mins by > default) and so the minimum outage when moving something is 5 minutes > without going into the switches and fiddling. > > -- > Simon Hobson > > Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed > author Gladys Hobson. Novels - poetry - short stories - ideal as > Christmas stocking fillers. Some available as e-books. > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users >_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users