Xen users - Sep 2012 - Route networking xen 4

Hey guys,

I''m facing some issues on route networking. Could someone give me a
hand
with route networking configuration on xen 4, please?
I just wanna make dom0 communicates with domU by pinging each other, but
it doesn''t seem to get the network working at all. Ive been stucked on
this
a week or so!

Here it goes some configuration on my machine - Ubuntu 12.04:

first of all, my xen settings:

#cat /etc/xen/xend-config.sxp

(logfile /var/log/xen/xend.log)
(loglevel DEBUG)
(xend-unix-server yes)
(network-script network-route)
(vif-script vif-route)
(dom0-min-mem 196)
(total_available_memory 0)
(dom0-cpus 0)
(vncpasswd '''')

-

#cat /etc/xen/xenroute.cfg

bootloader = ''/usr/lib/xen-default/bin/pygrub''
vcpus       = ''1''
memory      = ''526''
root        = ''/dev/xvda2 ro''
disk        = [
                 
''file:/xen/domains/xenroute/disk.img,xvda2,w'',
                 
''file:/xen/domains/xenroute/swap.img,xvda1,w'',
              ]
name        = ''xenroute''
vif         = [ ''ip=10.0.0.1,mac=00:16:3E:1C:4C:D3'' ]
on_poweroff = ''destroy''
on_reboot   = ''restart''
on_crash    = ''restart''

---------------------------------------------------------------------

Dom0 settings:

dom0# ifconfig

eth0      Link encap:Ethernet  HWaddr bc:ae:c5:9f:50:0c
          inet addr:192.168.0.4  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:50

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:2733 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2733 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:295895 (295.8 KB)  TX bytes:295895 (295.8 KB)

vif19.0   Link encap:Ethernet  HWaddr fe:ff:ff:ff:ff:ff
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:709 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:384 (384.0 B)  TX bytes:162795 (162.7 KB)

virbr0    Link encap:Ethernet  HWaddr a2:d6:e7:30:f3:9e
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wlan0     Link encap:Ethernet  HWaddr 00:26:c7:d3:28:2e
          inet addr:192.168.1.104  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::226:c7ff:fed3:282e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:73574 errors:0 dropped:0 overruns:0 frame:0
          TX packets:39730 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:73693058 (73.6 MB)  TX bytes:4576434 (4.5 MB)

-

dom0# cat /etc/network/interfaces

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
   address   192.168.0.4
   netmask   255.255.255.0
   network   192.168.0.0
   broadcast 192.168.0.255
   gateway   192.168.0.1

-

dom0# iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootps
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:bootps

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             PHYSDEV match
--physdev-out vif19.0 --physdev-is-bridged
ACCEPT     udp  --  anywhere             anywhere             PHYSDEV match
--physdev-in vif19.0 --physdev-is-bridged udp spt:bootpc dpt:bootps
ACCEPT     all  --  anywhere             anywhere             PHYSDEV match
--physdev-out vif19.0 --physdev-is-bridged
ACCEPT     all  --  xenroute             anywhere             PHYSDEV match
--physdev-in vif19.0 --physdev-is-bridged
ACCEPT     all  --  anywhere             192.168.122.0/24     state
RELATED,ESTABLISHED
ACCEPT     all  --  192.168.122.0/24     anywhere
ACCEPT     all  --  anywhere             anywhere
REJECT     all  --  anywhere             anywhere             reject-with
icmp-port-unreachable
REJECT     all  --  anywhere             anywhere             reject-with
icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

-

dom0# iptables -t nat -L

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  tcp  --  192.168.122.0/24    !192.168.122.0/24     masq ports:
1024-65535
MASQUERADE  udp  --  192.168.122.0/24    !192.168.122.0/24     masq ports:
1024-65535
MASQUERADE  all  --  192.168.122.0/24    !192.168.122.0/24
MASQUERADE  all  --  10.0.0.0             anywhere
MASQUERADE  all  --  10.0.0.0             anywhere
MASQUERADE  all  --  anywhere             anywhere
MASQUERADE  all  --  10.0.0.0             anywhere

-

dom0# sysctl -p

net.ipv4.conf.all.rp_filter = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 1
net.ipv4.conf.all.proxy_arp = 1

------------------------

My domU is named xenroute, and it has the following settings:

xenroute:~# ifconfig

eth0      Link encap:Ethernet  HWaddr 00:16:3e:1c:4c:d3
          inet addr:10.0.0.1  Bcast:10.255.255.255  Mask:255.0.0.0
          inet6 addr: fe80::216:3eff:fe1c:4cd3/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:751 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:157123 (157.1 KB)  TX bytes:468 (468.0 B)
          Interrupt:10

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
-

xenroute:~# cat /etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
 address 10.0.0.1
 gateway 192.168.0.1 # 10.0.0.254
 netmask 255.255.2552.255

To set up my network I followed this tutorial :
http://wiki.kartbuilding.net/index.php/Xen_Networking#Two-way_Routed_Network_2
Any clue?

Appreciate your attention!

Carol


_______________________________________________
Xen-users mailing list
Xen-users@lists.xen.org
http://lists.xen.org/xen-users

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256



Carol <krouzinh@gmail.com> schrieb:
>auto lo
>iface lo inet loopback
>
>auto eth0
>iface eth0 inet static
> address 10.0.0.1
> gateway 192.168.0.1 # 10.0.0.254
> netmask 255.255.2552.255
Typo?!?

And:
- - why do you have a bridge on Dom0 if you want to do routing?
- - your vif seems not configured on Dom0 yet
- - check your other netmasks


hth
Cheers,


Niels.
- --
Niels Dettenbach
Syndicat IT&Internet
http://www.syndicat.com
-----BEGIN PGP SIGNATURE-----
Version: APG v1.0.8

iIEEAREIAEEFAlBdWDM6HE5pZWxzIERldHRlbmJhY2ggKFN5bmRpY2F0IElUJklu
dGVybmV0KSA8bmRAc3luZGljYXQuY29tPgAKCRBU3ERlZRyiDTT3AJ9qqxNLEQgl
JjguD7mB8zEwNV1DdwCfcH5tvXeemzpXO3CN+5XRiQG3jJ4=z2c8
-----END PGP SIGNATURE-----

Thanks for your reply!

I have never worked with network and virtualization before, that''s why
I am
kinda lost trying to get this thing working.

>auto lo
> >iface lo inet loopback
> >
> >auto eth0
> >iface eth0 inet static
> > address 10.0.0.1
> > gateway 192.168.0.1 # 10.0.0.254
> > netmask 255.255.2552.255
>
> Typo?!?
>
I''m sorry, didn''t get why it would be typo?

And:
> - - why do you have a bridge on Dom0 if you want to do routing?

Maybe because I tried to run a bridge networking before trying route? How
would I remove this bridge set up?

> - - your vif seems not configured on Dom0 yet
>
How do I configure vif devices?

> - - check your other netmasks
>
which ones?

Sorry for my ignorance

- Carol


_______________________________________________
Xen-users mailing list
Xen-users@lists.xen.org
http://lists.xen.org/xen-users

Carol wrote:
>I''m facing some issues on route networking.

>(network-script network-route)
The Xen network-scripts are deprecated in favour of host OS supplied 
config options which are now generally more powerful, flexible, and 
reliable.

>#cat /etc/xen/xenroute.cfg
>
>bootloader = ''/usr/lib/xen-default/bin/pygrub''
>vcpus       = ''1''
>memory      = ''526''
>root        = ''/dev/xvda2 ro''
>disk        = [
>                  
''file:/xen/domains/xenroute/disk.img,xvda2,w'',
>                  
''file:/xen/domains/xenroute/swap.img,xvda1,w'',
>               ]
>name        = ''xenroute''
>vif         = [ ''ip=10.0.0.1,mac=00:16:3E:1C:4C:D3'' ]
>on_poweroff = ''destroy''
>on_reboot   = ''restart''
>on_crash    = ''restart''
I personally add "bridge=..." to VIF specifications - but then
I''m
normally working on systems with multiple bridges.
>dom0# cat /etc/network/interfaces
>
>auto lo
>iface lo inet loopback
>auto eth0
>iface eth0 inet static
>    address   192.168.0.4
>    netmask   255.255.255.0
>    network   192.168.0.0
>    broadcast 192.168.0.255
>    gateway   192.168.0.1
Network and broadcast are normally not required - the system will 
work them out. It''s no problem to specify them, but it does add scope 
for errors.

I would define the bridge here :
auto br0
iface br0 inet static
   address 10.0.0.254
   netmask 255.255.255.0
   bridge_ports none

This creates a bridge called br0 with no physical interfaces attached 
- this is correct, it''s only used for the DomUs to communicate. You 
can use any name you like - on my systems they tend to be things like 
brext, brint, and so on - which makes it easier to keep track of what 
connects to what.

You then need to configure the NAt and any filters between eth0 and 
br0. To Dom0, br0 is "just another network interface" in most 
respects. Without enabling forwarding and NAT, Dom0 and DomU will be 
able to communicate, but DomU will not have external access.

>xenroute:~# cat /etc/network/interfaces
>
>auto lo
>iface lo inet loopback
>
>auto eth0
>iface eth0 inet static
>  address 10.0.0.1
>  gateway 192.168.0.1 # 10.0.0.254
>  netmask 255.255.2552.255
The netmask here is invalid (even ignoring the typo), it should 
probably be 255.255.255.0. Also gateway should be just one value - 
10.0.0.254. 192.168.0.1 is not valid on the subnet, and is not 
directly accessible anyway.
>To set up my network I followed this tutorial : 
>http://wiki.kartbuilding.net/index.php/Xen_Networking#Two-way_Routed_Network_2
That''s ancient - last updated over 5 years ago - things have moved on 
since. That is the big problem following "random" articles off the 
net.
-- 
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.