Port-xen archive


Re: default route on other subnet

Quoting Jean-Yves Migeon 01/07/2011 00:29,
What you are trying to achieve is kind of difficult. With a xennet0
configured as a /32 in domU (and without a default route), you are
basically setting up your domain as being "non routable". It can only
communicate with itself (excluding certain circumstances, but that's not
the point here).

Hi Jean-Yves,

Sorry for coming back on that matter, but that's exactly the point. That's even the subject of this thread: using a default route on another subnet. Do you really think that it's the /32 netmask that prevents the route trick from working? I tried again today with current and on a brand new linux dom0; and it's a very standard XEN configuration. In fact, I'm always building the whole thing from scratch with the official tarball for xen & tools (4.1.1), and jeremy's repository (today's next-2.6.32). The same happens again.

In a basic bridge configuration, with a reachable gateway on network interface, this is supposed to do the trick on the netbsd guest side,
        ifconfig xennet0 GUESTIP netmask up
        route add -host GATEWAYIP -link xennet0 -iface
        route add default -ifa GUESTIP GATEWAYIP
but instead I still receive the arp warnings (xx:xx:xx:xx:xx:xx tried to overwrite permanent arp info for GATEWAYIP).

Routing packets (like the ones with your ping) will only work when the
domain is capable of figuring out a route at a L2 level, e.g. AF_LINK
for routing socket. But the NetBSD domain will refuse to add addresses
in its ARP table that do not belong to its networks, and as it has none...

I tried with network instead, trying to overcome what you just said, while keeping the rest of the procedure (route add -host and default). No changes, I still receive the happy arp warnings.

For routing dom0 <> domU, without proxy ARP, I'd suggest to set an IP
for vif, and a small iproute2 command:

Now about a routing configuration, without proxy ARP (I honestly don't know what it is about anyway), I have to use an additional IP indeed, which isn't an option here as I'm dealing with public IPs (and I don't have much of them).

Of course the problem would be solved if I could use NAT. Thing is, I've been fighting for a few months now, precisely because I would like NetBSD to be my NAT gateway for the other guests. I can't stand iptables and appreciate the good old ipfilter & ipnat tools.

