Hello,
XEN 4.0 with pvops 2.6.32.11 Dom0 kernel. Configured PV DomU with the same pvops
Xen kernel on top of it.
Physical computers has 3 NICs - every NIC in own bridge (first one created by
Xen).
eth0 8000.00138fe78f1b no peth0
mst1 8000.0040f4b5286e no eth1
vif5.0
mst2 8000.000e2e68db10 no eth2
vif5.1
Attached 2 virtual NICs to the PV DomU and bridges - I want to use that DomU as
router between that two bridges (enabled ip_forwarding in DomU) - mst1 and mst2.
I can ping from netwok on eth1 the vif5.0 interface.
I can ping from network on eth2 the vif5.1 interface.
I can see with tcpdump, that the DomU routes the traffic between its eth0 and
eth1 interfaces (tcpdump inside the domu).
I can see with tcpdump the incoming traffic in mst1 and vif5.0.
But there''s nothing on the vif5.1and mst2 bridge - even when tcpdump on
the eth1 in that PV DomU shows the routed traffic ("works" the same
in opposite direction too).
Looks like all traffic routed by that PV DomU cant''t get from DomU eth
interface to the vif interface. Ping from the DomU works (non routed traffic),
but no routed traffic can get thu this Dom0.
IPltables flushed with -F
Thanks for every idea, i''m clueless right now. :(
Regars
Matej
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
Matej Zary
2010-May-08 11:21 UTC
Re: Re: [Xen-users] DomU routed traffic disappearing in vif.
On Sat, 2010-05-08 at 02:53 +0200, Matej Zary wrote:> Hello, > > > XEN 4.0 with pvops 2.6.32.11 Dom0 kernel. Configured PV DomU with the same pvops Xen kernel on top of it. > > Physical computers has 3 NICs - every NIC in own bridge (first one created by Xen). > > eth0 8000.00138fe78f1b no peth0 > mst1 8000.0040f4b5286e no eth1 > vif5.0 > mst2 8000.000e2e68db10 no eth2 > vif5.1 > > Attached 2 virtual NICs to the PV DomU and bridges - I want to use that DomU as router between that two bridges (enabled ip_forwarding in DomU) - mst1 and mst2. > > I can ping from netwok on eth1 the vif5.0 interface. > I can ping from network on eth2 the vif5.1 interface. > I can see with tcpdump, that the DomU routes the traffic between its eth0 and eth1 interfaces (tcpdump inside the domu). > I can see with tcpdump the incoming traffic in mst1 and vif5.0. > But there's nothing on the vif5.1and mst2 bridge - even when tcpdump on the eth1 in that PV DomU shows the routed traffic ("works" the same in opposite direction too). > > Looks like all traffic routed by that PV DomU cant't get from DomU eth interface to the vif interface. Ping from the DomU works (non routed traffic), but no routed traffic can get thu this Dom0. > > IPltables flushed with -F > > Thanks for every idea, i'm clueless right now. :( > > Regars > > MatejWell, it's the dreaded cksum incorrect error (and Real(BAD)tek PCI NICs). Tried to set off the tx check-summing on all interfaces (eth interfaces in DomU, eth and bridge interfaces in Dom0) with ethtool -K iface tx off, and it changed the situation a little bit - now are these packets with incorrect checksum visible on the outgoing eth2 physical NIC in the mst2 bridge and also on physical host in the physical network connected to mst2 bridge via the eth2 NIC. Final result ist still the same, physical hosts routed via the DomU can't communicate (now they are getting packets with wrong checksum at least :D). Any chances that newer pv_ops kernel that the 2.6.32.11 (git stable) version will solve this issue? Or I have to switch to the 2.6.18 and the forwardported oldstyle kernels? Thanks. Regards Matej _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
mdlabriola@yahoo.com
2010-May-08 13:07 UTC
Re: Re: [Xen-users] DomU routed traffic disappearing in vif.
I reported almost the same problem on xen-devel a few weeks ago and didn't get many responses. My testing indicates that something regarding the bridging in the pv_ops kernels is quite broken. I was using 2.6.31.11 with Xen 3.4.2 at the time. Gonna try upgrading to 4.0 and all Jeremy's other kernel branches on Monday... My setup was using VLAN interfaces over the eth0 bridge, but fleshing it out to 3 bridges and eth1-3 on domU also didn't work. -Mike Ps - darn these top posts... But I'm at home. ;-) --- Michael D Labriola 21 Rip Van Winkle Cir Warwick, RI 02886 401-316-9844 -----Original Message----- From: Matej Zary <zary@cvtisr.sk> Date: Sat, 8 May 2010 13:21:25 To: xen-users@lists.xensource.com<xen-users@lists.xensource.com> Subject: Re: Re: [Xen-users] DomU routed traffic disappearing in vif. On Sat, 2010-05-08 at 02:53 +0200, Matej Zary wrote:> Hello, > > > XEN 4.0 with pvops 2.6.32.11 Dom0 kernel. Configured PV DomU with the same pvops Xen kernel on top of it. > > Physical computers has 3 NICs - every NIC in own bridge (first one created by Xen). > > eth0 8000.00138fe78f1b no peth0 > mst1 8000.0040f4b5286e no eth1 > vif5.0 > mst2 8000.000e2e68db10 no eth2 > vif5.1 > > Attached 2 virtual NICs to the PV DomU and bridges - I want to use that DomU as router between that two bridges (enabled ip_forwarding in DomU) - mst1 and mst2. > > I can ping from netwok on eth1 the vif5.0 interface. > I can ping from network on eth2 the vif5.1 interface. > I can see with tcpdump, that the DomU routes the traffic between its eth0 and eth1 interfaces (tcpdump inside the domu). > I can see with tcpdump the incoming traffic in mst1 and vif5.0. > But there's nothing on the vif5.1and mst2 bridge - even when tcpdump on the eth1 in that PV DomU shows the routed traffic ("works" the same in opposite direction too). > > Looks like all traffic routed by that PV DomU cant't get from DomU eth interface to the vif interface. Ping from the DomU works (non routed traffic), but no routed traffic can get thu this Dom0. > > IPltables flushed with -F > > Thanks for every idea, i'm clueless right now. :( > > Regars > > MatejWell, it's the dreaded cksum incorrect error (and Real(BAD)tek PCI NICs). Tried to set off the tx check-summing on all interfaces (eth interfaces in DomU, eth and bridge interfaces in Dom0) with ethtool -K iface tx off, and it changed the situation a little bit - now are these packets with incorrect checksum visible on the outgoing eth2 physical NIC in the mst2 bridge and also on physical host in the physical network connected to mst2 bridge via the eth2 NIC. Final result ist still the same, physical hosts routed via the DomU can't communicate (now they are getting packets with wrong checksum at least :D). Any chances that newer pv_ops kernel that the 2.6.32.11 (git stable) version will solve this issue? Or I have to switch to the 2.6.18 and the forwardported oldstyle kernels? Thanks. Regards Matej _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users