Re: xen networking

To: Iain Hibbert <plunky%ogmig.net@localhost>
Subject: Re: xen networking
From: Dima Veselov <kab00m%lich.phys.spbu.ru@localhost>
Date: Sat, 6 Jun 2020 11:53:43 +0300

On Fri, Jun 05, 2020 at 02:42:55PM +0100, Iain Hibbert wrote:

I have a xen dom0 with external connectivity and wish to set up NAT to
allow the domU network access but having a little difficulty with network
setup. I have tried several variations and always hit a wall eventually.
This is where I'm currently at:


If I understand right - you have one dom0 with several domU's and one
domU acting as a router/NAT for other domUs.

Real network - wm0 (dom0) br0 - xennet0 (domU) xennet1 - br1 (dom0) br1 - domU xennet0

domU-router has dnsmasq set up to provide IP addresses onto bridge1 and
this works fine, I can ping back and forth using hostnames. I also have
dom0 ask for an IP on this network (might NAT that to a separate network
instead, later)

So currently I am stuck. I want to have domU-router get the IP address to
the external interface with dhcpcd. Then bridge0 will do its job and
domU-router will be the front end, right? (if so then I set up NAT)


Something stay undisclosed here. You say dnsmasq is working good but then it
sounds domU-router can't get xennet0 IP. Then what means it works good?

Unfortunately, I think, if I get domU-router to issue a DHCP request, what
happens is that it goes out onto bridge0 with the domU-router MAC address

as source.


Do you want domU-router to get an IP with mac-address of dom0 as it sounds?
This will never happen, bridge is like a switch - every server have its own

unique mac.

There should be something about your network configuration. I suppose you
make this setup complexed because you have some limitations in real network
connected to wm0, but we need to know what they are.

As it sounds to me - DHCP server which you try to use accept only dom0's wm0
mac address. If it is so - you can either use dom0 as a router/NAT instead
or swap mac addresses between dom0 and domU-router.

I can see it with tcpdump on wm0 but I don't know if it
actually goes out on the wire, and nothing ever comes back.


Once you see it on dom0 wm0 you can be sure its on the wire. tcpdump capture
output packets after all processing. There are some problematic cases when
its not true but I would check it only as a last shot.

--
Sincerely yours,
Dima Veselov
Physics R&D Establishment of Saint-Petersburg University

Follow-Ups:
- Re: xen networking
  - From: Iain Hibbert

References:
- xen networking
  - From: Iain Hibbert

Prev by Date: Re: xen networking
Next by Date: Re: xen networking
Previous by Thread: Re: xen networking (offtopic)
Next by Thread: Re: xen networking
Indexes:

Home | Main Index | Thread Index | Old Index