Re: xen networking

To: Iain Hibbert <plunky%ogmig.net@localhost>
Subject: Re: xen networking
From: Greg Troxel <gdt%lexort.com@localhost>
Date: Fri, 05 Jun 2020 10:05:00 -0400

Iain Hibbert <plunky%ogmig.net@localhost> writes:

> dom0 has wm0 connected to bridge0, and bridge1 is domU network
>
> domU-router has two interfaces, one on each bridge
>
> domU clients otherwise have one interface, connected to bridge1

This is the hard way, compared to having dom0 do NAT.  But not wrong,
just harder.

> domU-router has dnsmasq set up to provide IP addresses onto bridge1 and 
> this works fine, I can ping back and forth using hostnames. I also have 
> dom0 ask for an IP on this network (might NAT that to a separate network 
> instead, later)

So dom0 has some sort of pseudo-interface on bridge1?

> So currently I am stuck. I want to have domU-router get the IP address to 
> the external interface with dhcpcd. Then bridge0 will do its job and 
> domU-router will be the front end, right? (if so then I set up NAT)

If you want to have your router/NAT be in a domU, then yes, the domU has
to have an address that belongs on your ethernet, via its xennet0 which
is a member of dom0 bridge0, along with dom0 wm0 being in bridge0.

> Unfortunately, I think, if I get domU-router to issue a DHCP request, what 
> happens is that it goes out onto bridge0 with the domU-router MAC address 
> as source.

That is correct behavior; why do you say "unfortunately"?

> I can see it with tcpdump on wm0 but I don't know if it 
> actually goes out on the wire, and nothing ever comes back. I don't see 
> any way around that and seem to have been all over the internet looking 
> for clues - is there a way to do this, network wise?

I have no recent experience, but have set up many machines with a dom0
and a bunch of  domUs, where the dom0 had a bridge0, each domU had a
xennet0 and on the dom0, xvifN.0 or whatever was added into bridge0.
Then I could configure addresses on each domU's xennet0 and that worked
fine.  I was not trying to use dhcp.

Suggestions:

  use tcpdump on another machine on the wm0 ethernet with a hub, use it
  on the dhcp server, and/or look at the dchp server logs

  configure an address statically and try to ping the dhcp server

  also look at arp with tcpdump

  choose a fake ethernet address that's real, perhaps one belonging to a
  powered-off card.   who knows what "security" mechanisms are in place!

> I see that you can push wm0 into the domU-router with pciback though not 
> sure if possible, using NetBSD-9.0_STABLE and xen4.11 ?

My impression is that pci passthrough  didn't work at least recently.
If it does now that's big news, at least to me.

Follow-Ups:
- Re: xen networking
  - From: Iain Hibbert

References:
- xen networking
  - From: Iain Hibbert

Prev by Date: xen networking
Next by Date: Re: xen networking
Previous by Thread: xen networking
Next by Thread: Re: xen networking
Indexes:

Home | Main Index | Thread Index | Old Index