Xen users - Mar 2011 - Multiple physical interfaces problems

Hi,

I''m running the following on Debian stable (squeeze);

  libxenstore3.0                      4.0.1-2
  linux-image-2.6.32-5-xen-amd64      2.6.32-30
  xen-hypervisor-4.0-amd64            4.0.1-2
  xen-tools                           4.2-1
  xen-utils-4.0                       4.0.1-2
  xen-utils-common                    4.0.0-1
  xenstore-utils                      4.0.1-2Xen


Dom0 can communicate perfectly well with two distinct networks via two 
physical Ethernet ports, one going to any Internet location, the other 
routing to local networks.


I''ve got this is my /etc/xen/xend-config.sxp

   (network-script ''network-bridge-wrapper antispoof=yes'')


And here is the script:

#  cat network-bridge-wrapper
#!/bin/bash
/etc/xen/scripts/network-bridge "$@" netdev=eth0
/etc/xen/scripts/network-bridge "$@" netdev=eth1



Dom0

Destination  Gateway       Genmask       Flags  MSS Window irtt Iface
192.168.1.0  0.0.0.0       255.255.255.0 U        0 0         0 eth0
192.168.2.0  0.0.0.0       255.255.255.0 U        0 0         0 eth1
192.168.3.0  192.168.2.1   255.255.255.0 UG       0 0         0 eth0
0.0.0.0      192.168.1.254 0.0.0.0       UG       0 0         0 eth1


DomU

Destination  Gateway       Genmask       Flags  MSS Window irtt Iface
192.168.1.0  0.0.0.0       255.255.255.0 U        0 0         0 eth1
192.168.2.0  0.0.0.0       255.255.255.0 U        0 0         0 eth0
192.168.3.0  192.168.2.1   255.255.255.0 UG       0 0         0 eth1
0.0.0.0      192.168.1.254 0.0.0.0       UG       0 0         0 eth0



Dom0

eth0  Link encap:Ethernet  HWaddr 00:11:25:8e:35:5e
       inet addr:192.168.1.9  Bcast:192.168.1.255  Mask:255.255.255.0
       inet6 addr: fe80::211:25ff:fe8e:355e/64 Scope:Link
       UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

eth1  Link encap:Ethernet  HWaddr 00:11:25:8e:35:5f
       inet addr:192.168.2.9  Bcast:192.168.2.255  Mask:255.255.255.0
       inet6 addr: fe80::211:25ff:fe8e:355f/64 Scope:Link
       UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

eth2  Link encap:Ethernet  HWaddr 00:0e:0c:76:4a:08
       BROADCAST MULTICAST  MTU:1500  Metric:1

lo    Link encap:Local Loopback
       inet addr:127.0.0.1  Mask:255.0.0.0
       inet6 addr: ::1/128 Scope:Host
       UP LOOPBACK RUNNING  MTU:16436  Metric:1

peth0 Link encap:Ethernet  HWaddr 00:11:25:8e:35:5e
       inet6 addr: fe80::211:25ff:fe8e:355e/64 Scope:Link
       UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1

peth1 Link encap:Ethernet  HWaddr 00:11:25:8e:35:5f
       inet6 addr: fe80::211:25ff:fe8e:355f/64 Scope:Link
       UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1

vif2.0 Link encap:Ethernet  HWaddr fe:ff:ff:ff:ff:ff
        inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
        UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1

vif2.1 Link encap:Ethernet  HWaddr fe:ff:ff:ff:ff:ff
        inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
        UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1



DomU

eth0  Link encap:Ethernet  HWaddr 00:16:3e:24:79:d6
       inet addr:192.168.1.201  Bcast:192.168.1.255  Mask:255.255.255.0
       inet6 addr: fe80::216:3eff:fe24:79d6/64 Scope:Link
       UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

eth1  Link encap:Ethernet  HWaddr 00:16:3e:24:79:d7
       inet addr:192.168.2.201  Bcast:192.168.2.255  Mask:255.255.255.0
       inet6 addr: fe80::216:3eff:fe24:79d7/64 Scope:Link
       UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

lo    Link encap:Local Loopback
       inet addr:127.0.0.1  Mask:255.0.0.0
       inet6 addr: ::1/128 Scope:Host
       UP LOOPBACK RUNNING  MTU:16436  Metric:1


Dom0 & DomU have static IP assignment for each interface.


Both machines (Dom0 and DomU) have an "up" route added for a local 
network accessible via another local network.



Network extract in DomU cfg file:

vif         = [
                   ''mac=00:16:3E:24:79:D6, bridge=eth0'',
                   ''mac=00:16:3E:24:79:D7, bridge=eth1'',
               ]



What am I missing here?



I need DomU to act just like Dom0, that is to be able to route and 
communicate anywhere.



Thanks.

-- 
Kind Regards
AndrewM

Andrew McGlashan
Broadband Solutions now including VoIP


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Andrew McGlashan wrote:

A long and detailed description of the setup, but not what the problem is !
>What am I missing here?
What isn''t working ?

I have spotted one fundamental error, which is one I''ve made in the 
past :-/ And I recall scratching my head for ages until I took a tea 
break, and when I came back the penny dropped.

>Dom0
>
>Destination  Gateway       Genmask       Flags  MSS Window irtt Iface
>192.168.1.0  0.0.0.0       255.255.255.0 U        0 0         0 eth0
>192.168.2.0  0.0.0.0       255.255.255.0 U        0 0         0 eth1
>192.168.3.0  192.168.2.1   255.255.255.0 UG       0 0         0 eth0
>0.0.0.0      192.168.1.254 0.0.0.0       UG       0 0         0 eth1
I''m guessing that Dom0 can communicate with devices in the 
192.168.1.0/24 and 192.168.2.0/24 networks, but not those on the 
wider internet or 192.168.3.0/24 ?
The routes for the latter are on the wrong interfaces :
The default gateway of 192.168.1.254 is reachable via eth0, not eth1.
The router 192.168.2.1 is reachable via eth1, not eth0.
>DomU
>
>Destination  Gateway       Genmask       Flags  MSS Window irtt Iface
>192.168.1.0  0.0.0.0       255.255.255.0 U        0 0         0 eth1
>192.168.2.0  0.0.0.0       255.255.255.0 U        0 0         0 eth0
>192.168.3.0  192.168.2.1   255.255.255.0 UG       0 0         0 eth1
>0.0.0.0      192.168.1.254 0.0.0.0       UG       0 0         0 eth0
Ditto except eth0 and eth1 appear to be swapped round.
But this is inconsistent with other information provided
:
>vif         = [
>                   ''mac=00:16:3E:24:79:D6, bridge=eth0'',
>                   ''mac=00:16:3E:24:79:D7, bridge=eth1'',
>               ]
This suggests that DomU eth0 should be connected to the eth0 host 
bridge, and similarly for eth1.
>DomU
>
>eth0  Link encap:Ethernet  HWaddr 00:16:3e:24:79:d6
>       inet addr:192.168.1.201  Bcast:192.168.1.255  Mask:255.255.255.0
>       inet6 addr: fe80::216:3eff:fe24:79d6/64 Scope:Link
>       UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>
>eth1  Link encap:Ethernet  HWaddr 00:16:3e:24:79:d7
>       inet addr:192.168.2.201  Bcast:192.168.2.255  Mask:255.255.255.0
>       inet6 addr: fe80::216:3eff:fe24:79d7/64 Scope:Link
>       UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
This backs that up.

So both of those are inconsistent with the DomU routing table shown.

-- 
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Hi Simon,

Simon Hobson wrote:
> I''m guessing that Dom0 can communicate with devices in the 
> 192.168.1.0/24 and 192.168.2.0/24 networks, but not those on the wider 
> internet or 192.168.3.0/24 ?
> The routes for the latter are on the wrong interfaces :
> The default gateway of 192.168.1.254 is reachable via eth0, not eth1.
> The router 192.168.2.1 is reachable via eth1, not eth0.
You were right, I had to transpose eth0 and eth1 on the DomU and all is 
100% perfect!

Everything is fully routeable now.

Thank you very much!!!!

-- 
Kind Regards
AndrewM

Andrew McGlashan
Broadband Solutions now including VoIP


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users