Subject: Re: Xen3 + VLANs + multiple DOM0s cause loss of connectivity?
To: Johan Ihren <johani@johani.org>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: port-xen
Date: 01/24/2008 15:58:06
On Thu, Jan 24, 2008 at 12:26:52PM +0100, Johan Ihren wrote:
> Hi,
>
> I have a complex Xen setup that utilizes VLANs to instantiate a virtual
> network topology on top of a physical infrastructure with several DOM0s
> connected through a single physical switch.
>
> This has worked just fine with Xen2 for a long time. But now I've
> upgraded
> to Xen3 and unfortunately I've started having severe problems.
>
> This doesn't seem to work:
>
> * Two DOMUs running on separate DOM0s, communicating over IPv6 inside
> a VLAN.
> I.e. a setup like the following doesn't work for me:
>
> domu1# ifconfig vlan0 create
> domu1# ifconfig vlan0 vlan 10 vlanif xennet0
> domu1# ifconfig vlan0 inet6 2001:1:1::1 prefixlen 32
> domu2# ifconfig vlan0 create
> domu2# ifconfig vlan0 vlan 10 vlanif xennet0
> domu2# ifconfig vlan0 inet6 2001:1:1::2 prefixlen 32
> domu2# ping6 2001:1:1::1 **** Doesn't work
> [...]
> Outside of VLANs (i.e. when configuring IPv4 and IPv6 addresses
> directly on the xennetN then everything works just fine. VLANs
> configured on the DOM0 also works fine. It is just the combination of
> Xen3 + DOMU + VLANs that causes problems.
What I found strange is that it worked with Xen2. Xen version is probably
not the key here, but the version of dom0.
Basically, 802.1q paquets in dom0 are not routed to the bridge interface but
to the vlan interfaces, so these packets can't make it up to the domUs.
If the dom0 kernel doesn't have 'pseudo-device vlan' then it may work.
The way to do this is to have the vlan interfaces in dom0 only, connect
one bridge to each vlan and have in the domU one vif per vlan you need to
connect to.
--
Manuel Bouyer, LIP6, Universite Paris VI. Manuel.Bouyer@lip6.fr
NetBSD: 26 ans d'experience feront toujours la difference
--