1 message in com.xensource.lists.xen-devel[Xen-devel] Compiling from source and...| From | Sent On | Attachments |
|---|---|---|
| Matthew Donovan | 27 Jun 2008 06:53 |
| Subject: | [Xen-devel] Compiling from source and networking problem - SOLVED ? |
|---|---|
| From: | Matthew Donovan (matt...@atc-nycorp.com) |
| Date: | 06/27/2008 06:53:22 AM |
| List: | com.xensource.lists.xen-devel |
Because I had recompiled Xen a few times and even tried installing it from packages, I wasn't sure about the state of the machine, so I just blew it out, and reinstalled (FC 8) from scratch.
I compiled Xen (3.2 - testing) and installed a Fedora VM, still no networking.
I checked my iptables rules and saw that the first rule in the FORWARD chain rejected everything. I deleted that rule and the VM's networking came right up.
I'm not an iptables expert but looking at the FORWARD chain I originally sent out, it looks like that may have been the original problem as well.
ORIGINAL FORWARD CHAIN:
Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED ACCEPT all -- 192.168.122.0/24 anywhere ACCEPT all -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-port-unreachable ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED ACCEPT all -- 192.168.122.0/24 anywhere ACCEPT all -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-port-unreachable ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED ACCEPT all -- 192.168.122.0/24 anywhere ACCEPT all -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-host-prohibited ACCEPT all -- anywhere anywhere PHYSDEV match --physdev-in vif2.0
There are a lot of REJECT rules before the rule that accepts to/from vif2.0. So I'm guessing that the ACCEPT from anywhere to anywhere rules don't include traffice to/from the virtual interface?
-matthew
-----Original Message----- From: Matthew Donovan [mailto:matt...@atc-nycorp.com] Sent: Tuesday, June 24, 2008 11:02 AM To: Keir Fraser; xen-devel Subject: RE: [Xen-devel] Compiling from source and networking problem
Networking for an HVM linux guest (FC 8) also does not work. One thing I'm seeing on the linux guest (and I don't know if it matters) is that every time I boot it, the ethernet interface number increases: eth0, eth1, eth2, eth3.
-matthew
-----Original Message----- From: Keir Fraser [mailto:keir...@eu.citrix.com] Sent: Friday, June 13, 2008 3:32 PM To: Matthew Donovan; xen-devel Subject: Re: [Xen-devel] Compiling from source and networking problem
Networking for Windows guests should work straightforwardly 'out of the box'. Have you been able to get networking going with any other type of guest: e.g., Linux, WinXP?
-- Keir
On 13/6/08 18:50, "Matthew Donovan" <matt...@atc-nycorp.com> wrote:
Hey,
I was originally asking questions on xen-users but no one seems to have any idea about this so I figured I'd try this list.
I compiled Xen from source (3.2 testing) on an Intel machine running Fedora Core 8 and have discovered that my guest (Windows Vista) does not have a network connection.
Looking at various online documentation and a machine that does work, I guessed that I needed dnsmasq and libvirtd installed. I did that (and I think it's configured correctly i.e. it runs when the machine boots and has the same flags as the machine that works) and still nothing (i.e. domU does not have a network connection). I installed libvirt from source and got the Fedora package for dnsmasq.
Most of the documentation I've found for networking is old and doesn't seem to reflect what Xen is doing. Most sources refer to xenbr0 while only a couple places mention that eth0 becomes the bridge and peth0 is now the interface that dom0 uses.
It's possible that I have remnants of my attempt to get Xen working from rpm's on this system. I don't know if that would screw anything up or not.
Is there an up-to-date reference for how Xen networking is done? I've read the XenNetworking Wiki page through repeatedly and can't glean the appropriate trouble-shooting information from it.
In the VM I've tried configuring it for DHCP and giving it a static IP. Neither do anything.
Should I just format the computer and start from scratch?
I'm at my wit's end here. Any help is appreciated. -matthew
Some other details: My _current_ guest config specifies networking as:
dhcp="dhcp" vif=[ 'type=ioemu, bridge=xenbr0' ]
/etc/xen/xend-config.sxp says: (network-script network-bridge) (vif-script vif-bridge)
My guest is currently running and "brctl show" output: [root@moosen ~]# brctl show bridge name bridge id STP enabled interfaces eth0 8000.0019b932c635 no peth0 tap0 vif2.0 virbr0 8000.000000000000 yes
Iptables output:
[root@moosen ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:bootps ACCEPT tcp -- anywhere anywhere tcp dpt:bootps ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:bootps ACCEPT tcp -- anywhere anywhere tcp dpt:bootps ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:bootps ACCEPT tcp -- anywhere anywhere tcp dpt:bootps RH-Firewall-1-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED ACCEPT all -- 192.168.122.0/24 anywhere ACCEPT all -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-port-unreachable ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED ACCEPT all -- 192.168.122.0/24 anywhere ACCEPT all -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-port-unreachable ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED ACCEPT all -- 192.168.122.0/24 anywhere ACCEPT all -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-host-prohibited ACCEPT all -- anywhere anywhere PHYSDEV match --physdev-in vif2.0
Chain OUTPUT (policy ACCEPT) target prot opt source destination
Chain RH-Firewall-1-INPUT (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp any ACCEPT esp -- anywhere anywhere ACCEPT ah -- anywhere anywhere ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ACCEPT udp -- anywhere anywhere udp dpt:ipp ACCEPT tcp -- anywhere anywhere tcp dpt:ipp ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
_______________________________________________ Xen-devel mailing list Xen-...@lists.xensource.com http://lists.xensource.com/xen-devel
_______________________________________________ Xen-devel mailing list Xen-...@lists.xensource.com http://lists.xensource.com/xen-devel
_______________________________________________ Xen-devel mailing list Xen-...@lists.xensource.com http://lists.xensource.com/xen-devel