Hello Xen Users, I need a hand with bridging network connections. I am running Xen 4.2 with a Debian Wheezy Dom0. My objective is to run a HVM PFSense, with eth0 to xenbr0 as WAN and xenbr1 to eth1 as LAN, and I want Dom0 inside the network (part of LAN not WAN). As far as I can tell it is working, a Windows 7 x64 HVM and a Debian Squeeze HVM both have Internet access using xenbr1, and eth1 is wired to a switch where five additional devices also have Internet access. However, Dom0 does not receive a connection at all, and has no access inside the LAN or to the Internet. The basic appearance of my /etc/network/interfaces: auto lo xenbr0 xenbr1 iface lo inet loopback iface eth0 inet manual iface eth1 inet manual iface xenbr0 inet manual bridge_ports eth0 iface xenbr1 inet manual bridge_ports eth1 I have tried setting a static IP on xenbr1, and eth1 to no avail. ifconfig sees the values but no access to LAN is available. I also tried a bridge to bridge from xenbr1 to a static bridge, also did not work. When I set any of them to dhcp I just get a huge boot time delay because PFSense isn''t running yet, and no connection even five minutes after every other device is already accessing. Can anyone please provide a solution? Thanks, ~Casey _______________________________________________ Xen-users mailing list Xen-users@lists.xen.org http://lists.xen.org/xen-users
Casey DeLorme wrote:>My objective is to run a HVM PFSense, with eth0 to xenbr0 as WAN and >xenbr1 to eth1 as LAN, and I want Dom0 inside the network (part of >LAN not WAN). > >As far as I can tell it is working, a Windows 7 x64 HVM and a Debian >Squeeze HVM both have Internet access using xenbr1, and eth1 is >wired to a switch where five additional devices also have Internet >access. > >However, Dom0 does not receive a connection at all, and has no >access inside the LAN or to the Internet. > > >The basic appearance of my /etc/network/interfaces: > >auto lo xenbr0 xenbr1 >iface lo inet loopback >iface eth0 inet manual >iface eth1 inet manual >iface xenbr0 inet manual > bridge_ports eth0 >iface xenbr1 inet manual > bridge_ports eth1 > > >I have tried setting a static IP on xenbr1, and eth1 to no avail. > ifconfig sees the values but no access to LAN is available.You will need an IP address in xenbr1, and I don''t think you need the eth<n> entries at all - and don''t forget that you''ll need a default route via the firewall virtual device. Do you have communications between Dom0 and the firewall itself ? Lastly, I think there are options for Xen to add iptables rules to limit traffic on a VIF to just the guests IP address, I assume these aren''t turned on ? -- Simon Hobson Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed author Gladys Hobson. Novels - poetry - short stories - ideal as Christmas stocking fillers. Some available as e-books.
Hey, thanks for the reply Simon. It ended up being a dns resolution problem, I didn''t realize it because I was trying to ping domains, my resolv.conf file had the wrong gateway. I am also not used to the GUI in debian, network-manager kept telling me I was disconnected, turns out interfaces was working all along. On Mon, Apr 23, 2012 at 4:39 AM, Simon Hobson <linux@thehobsons.co.uk>wrote:> Casey DeLorme wrote: > > My objective is to run a HVM PFSense, with eth0 to xenbr0 as WAN and >> xenbr1 to eth1 as LAN, and I want Dom0 inside the network (part of LAN not >> WAN). >> >> As far as I can tell it is working, a Windows 7 x64 HVM and a Debian >> Squeeze HVM both have Internet access using xenbr1, and eth1 is wired to a >> switch where five additional devices also have Internet access. >> >> However, Dom0 does not receive a connection at all, and has no access >> inside the LAN or to the Internet. >> >> >> The basic appearance of my /etc/network/interfaces: >> >> auto lo xenbr0 xenbr1 >> iface lo inet loopback >> iface eth0 inet manual >> iface eth1 inet manual >> iface xenbr0 inet manual >> bridge_ports eth0 >> iface xenbr1 inet manual >> bridge_ports eth1 >> >> >> I have tried setting a static IP on xenbr1, and eth1 to no avail. >> ifconfig sees the values but no access to LAN is available. >> > > You will need an IP address in xenbr1, and I don''t think you need the > eth<n> entries at all - and don''t forget that you''ll need a default route > via the firewall virtual device. > Do you have communications between Dom0 and the firewall itself ? > Lastly, I think there are options for Xen to add iptables rules to limit > traffic on a VIF to just the guests IP address, I assume these aren''t > turned on ? > > -- > Simon Hobson > > Visit http://www.**magpiesnestpublishing.co.uk/<http://www.magpiesnestpublishing.co.uk/>for books by acclaimed > author Gladys Hobson. Novels - poetry - short stories - ideal as > Christmas stocking fillers. Some available as e-books. > > ______________________________**_________________ > Xen-users mailing list > Xen-users@lists.xen.org > http://lists.xen.org/xen-users >_______________________________________________ Xen-users mailing list Xen-users@lists.xen.org http://lists.xen.org/xen-users