Xen bridge problem

To: port-xen <port-xen%netbsd.org@localhost>
Subject: Xen bridge problem
From: Alaric Snell-Pym <alaric%snell-pym.org.uk@localhost>
Date: Mon, 25 Jul 2016 16:27:05 +0100

Hello folks

In my ongoing "trying to do unusual things with Xen and failing"
tribulations, I'm trying to make a domU do some routing for me.

So I've got several bridge devices, and I'm asking Xen to provide
several vifs connected to them, like so in xl.cfg:

vif=['mac=00:50:56:00:00:1,bridge=bridge0',
'mac=00:50:56:00:01:1,bridge=bridge1',
'mac=00:50:56:00:02:1,bridge=bridge2',
'mac=00:50:56:00:03:1,bridge=bridge3']

(that's all on one line really, my mailer wrapped it, not that I think
it matters)

However, when I bring up the domU, all the vifs end up on the same
bridge, bridge0:

# brconfig -a
bridge0: flags=41<UP,RUNNING>
	Configuration:
		priority 32768 hellotime 2 fwddelay 15 maxage 20
		ipfilter disabled flags 0x0
	Interfaces:
		xvif11i2 flags=3<LEARNING,DISCOVER>
			port 18 priority 128
		xvif11i1 flags=3<LEARNING,DISCOVER>
			port 17 priority 128
		xvif11i3 flags=3<LEARNING,DISCOVER>
			port 19 priority 128
		xvif11i0 flags=3<LEARNING,DISCOVER>
			port 16 priority 128
		re0 flags=3<LEARNING,DISCOVER>
			port 2 priority 128
	Address cache (max cache: 100, timeout: 1200):
		00:50:56:00:01:01 xvif11i1 619 flags=0<>
bridge1: flags=41<UP,RUNNING>
	Configuration:
		priority 32768 hellotime 2 fwddelay 15 maxage 20
		ipfilter disabled flags 0x0
	Interfaces:
		wm0 flags=3<LEARNING,DISCOVER>
			port 1 priority 128
	Address cache (max cache: 100, timeout: 1200):
...actual MACs of devices on my home network elided...
bridge2: flags=41<UP,RUNNING>
	Configuration:
		priority 32768 hellotime 2 fwddelay 15 maxage 20
		ipfilter disabled flags 0x0
	Interfaces:
		re1 flags=3<LEARNING,DISCOVER>
			port 3 priority 128
	Address cache (max cache: 100, timeout: 1200):
bridge3: flags=41<UP,RUNNING>
	Configuration:
		priority 32768 hellotime 2 fwddelay 15 maxage 20
		ipfilter disabled flags 0x0
	Interfaces:
	Address cache (max cache: 100, timeout: 1200):

I took a look at how the vif-bridge script works, and it uses
xenstore-read to ask Xen what the bridge for each interface should be -
but the xen store thinks they should all be on bridge0:

# xenstore-read /local/domain/0/backend/vif/11/0/bridge
bridge0
# xenstore-read /local/domain/0/backend/vif/11/1/bridge
bridge0
# xenstore-read /local/domain/0/backend/vif/11/2/bridge
bridge0
# xenstore-read /local/domain/0/backend/vif/11/3/bridge
bridge0

It seems my settings in xl.cfg aren't making it as far as the xen store!
I suppose I could get dom0 to do my routing and have each domU on only a
single IP (ick), or maybe hack vif-bridge to look at the MAC of the xvif
(the desired bridge number is in the penultimate octet) (ick), but it'd
be nice if I could just set up a domU to do routing and nothing else...

Has anybody set up domUs with multiple bridge devices before? What did
you do differently to me?

This is Xen 4.5.3 on NetBSD 7.0.1 (amd64)...

Thanks,

ABS

-- 
Alaric Snell-Pym
http://www.snell-pym.org.uk/alaric/

Attachment: signature.asc
Description: OpenPGP digital signature

Follow-Ups:
- Re: Xen bridge problem
  - From: Manuel Bouyer

Prev by Date: xen 4.6 upgrade and non starting Ubuntu guests
Next by Date: Re: Xen bridge problem
Previous by Thread: xen 4.6 upgrade and non starting Ubuntu guests
Next by Thread: Re: Xen bridge problem
Indexes:

Home | Main Index | Thread Index | Old Index