Re: xen & bridged networking
On Thu, 31/01/2008 at 12:54 +0600, Evgeny Yugov wrote:
> Hello.
>
> Well, this started from the kind of thing the Internet is full of:
>
> There is a local network, 192.168.144.0/24
>
> Bringing up dom0
>
> /etc/network/interfaces
> ...
> auto office
> iface office inet static
> address 192.168.144.77
> netmask 255.255.255.0
> network 192.168.144.0
> broadcast 192.168.144.255
> gateway 192.168.144.1
>
> next:
>
> $ grep -v ^# /etc/xen/xend-config.sxp | grep -v ^$
> (network-script 'network-bridge netdev=office')
> (vif-script vif-bridge)
> (dom0-min-mem 196)
> (dom0-cpus 0)
>
> guest machine configuration:
>
> $ grep -v ^# /etc/xen/domain.cfg | grep -v ^$
> kernel = '/boot/vmlinuz-2.6.18-6-xen-vserver-amd64'
> ramdisk = '/boot/initrd.img-2.6.18-6-xen-vserver-amd64'
> memory = '2048'
> extra = 'acpi=off'
> root = '/dev/sda1 ro'
> disk = [ 'phy:vgxen0/domain-disk,sda1,w',
> 'phy:vgxen0/domain-swap,sda2,w' ]
> name = 'domain'
> vif = [ 'ip=192.168.144.78' ]
> on_poweroff = 'destroy'
> on_reboot = 'restart'
> on_crash = 'restart'
>
> we start all of this and take a look:
>
> $ ip a
> 1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
> 2: poffice: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc pfifo_fast qlen 100
> link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
> link/ether 00:30:48:34:5e:af brd ff:ff:ff:ff:ff:ff
> 4: vif0.0: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue
> link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
> 5: office: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue
> link/ether 00:30:48:34:5e:ae brd ff:ff:ff:ff:ff:ff
> inet 192.168.144.77/24 brd 192.168.144.255 scope global office
> 6: vif0.1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
> link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
> 7: veth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
> link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
> 8: vif0.2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
> link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
> 9: veth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
> link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
> 10: vif0.3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
> link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
> 11: veth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
> link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
> 12: xenbr0: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue
> link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
> 13: vif1.0: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue
> link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
>
> $ sudo brctl show
> bridge name     bridge id               STP enabled     interfaces
> xenbr0          8000.feffffffffff       no              vif0.0
>                                                         poffice
>                                                         vif1.0
>
> Config from the guest machine:
> ...
> auto eth0
> iface eth0 inet static
> address 192.168.144.78
> gateway 192.168.144.1
> netmask 255.255.255.0
>
> Everything seems fine, BUT the guest machine is visible only from the host
> (ping,... etc), plus the gateway 192.168.144.1 is not visible from the guest.
> I no longer know where to dig... although when I tried bypassing (or together
> with) the xen networking scripts (I created my own bridge and added the vif
> to it), I somehow managed to get all this working... but... oops...
I can't say anything about Xen specifically. But with bridging there was this
thing: you had to forcibly do iptables -A FORWARD -i br0 -o br0 -j ACCEPT.
--
Покотиленко Костик <casper@meteor.dp.ua>
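
An added example, not part of either message above: a shell check that tells whether frames crossing a bridge are being handed to the iptables FORWARD chain and, if so, whether a bridge-to-bridge ACCEPT rule like the one in the reply is present. It assumes the bridge netfilter sysctl net.bridge.bridge-nf-call-iptables and an iptables that supports -S; the function name, verdict strings and sample rule sets are constructed for illustration.

```shell
#!/bin/sh
# Classify how iptables treats frames forwarded across a bridge.
#   $1 bridge name (xenbr0 in the thread's brctl output)
#   $2 value of net.bridge.bridge-nf-call-iptables (empty if the file is absent)
#   $3 output of `iptables -S FORWARD`
bridge_forward_verdict() {
    br=$1; nfcall=$2; rules=$3
    # With bridge-nf-call-iptables off, bridged frames never reach iptables.
    if [ "$nfcall" != "1" ]; then
        echo "not-filtered"; return 0
    fi
    # An explicit bridge-to-bridge ACCEPT, as suggested in the reply.
    if printf '%s\n' "$rules" | grep -Fxq -- "-A FORWARD -i $br -o $br -j ACCEPT"; then
        echo "accepted-by-rule"; return 0
    fi
    # No such rule: the chain policy decides unless another rule matches first.
    policy=$(printf '%s\n' "$rules" | sed -n 's/^-P FORWARD \([A-Z]*\)$/\1/p')
    case $policy in
        ACCEPT) echo "accepted-by-policy" ;;
        DROP)   echo "dropped-by-policy" ;;
        *)      echo "unknown" ;;
    esac
}

# Live check on dom0 (iptables needs root); reads the real sysctl and chain.
check_live() {
    nf=$(cat /proc/sys/net/bridge/bridge-nf-call-iptables 2>/dev/null)
    bridge_forward_verdict "$1" "$nf" "$(iptables -S FORWARD)"
}

# Constructed sample rule sets (not taken from the thread).
SAMPLE_DROP='-P FORWARD DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT'
SAMPLE_FIXED='-P FORWARD DROP
-A FORWARD -i xenbr0 -o xenbr0 -j ACCEPT'

echo "before: $(bridge_forward_verdict xenbr0 1 "$SAMPLE_DROP")"
echo "after:  $(bridge_forward_verdict xenbr0 1 "$SAMPLE_FIXED")"
```

On the host itself, `check_live xenbr0` runs the same classification against the live FORWARD chain. A "dropped-by-policy" verdict matches the symptom in the thread, where the guest is reachable from dom0 but not from the rest of the LAN.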