Xen domainU hosts not bridging correctly (Always 192.168.1.122)

xen

I'm trying to set up some domU hosts on a new Xen server, however, I can't seem to get any of these hosts to connect to the local network (i.e. the office's 192.168.0.* range). Running dhclient on these hosts only assigns 192.168.122.* ip addresses which I can ping from dom0, but not from any external hosts (like my workstation). Here is some info:

ifconfig of dom0:

eth0      Link encap:Ethernet  HWaddr 54:04:a6:19:25:77  
          inet addr:192.168.0.107  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::5604:a6ff:fe19:2577/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13383 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2193 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1808204 (1.8 MB)  TX bytes:462896 (462.8 KB)
          Interrupt:18 Memory:fb500000-fb520000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:72 errors:0 dropped:0 overruns:0 frame:0
          TX packets:72 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:9600 (9.6 KB)  TX bytes:9600 (9.6 KB)

vif7.0    Link encap:Ethernet  HWaddr fe:ff:ff:ff:ff:ff  
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:27 errors:0 dropped:0 overruns:0 frame:0
          TX packets:363 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32 
          RX bytes:4372 (4.3 KB)  TX bytes:20444 (20.4 KB)

virbr0    Link encap:Ethernet  HWaddr fe:ff:ff:ff:ff:ff  
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:130 errors:0 dropped:0 overruns:0 frame:0
          TX packets:136 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:21401 (21.4 KB)  TX bytes:19171 (19.1 KB)

And ifconfig of domU:

eth0      Link encap:Ethernet  HWaddr 00:16:3e:5a:85:b0  
          inet addr:192.168.122.51  Bcast:192.168.122.255  Mask:255.255.255.0
          inet6 addr: fe80::216:3eff:fe5a:85b0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:476 errors:0 dropped:0 overruns:0 frame:0
          TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:19650 (19.6 KB)  TX bytes:4750 (4.7 KB)
          Interrupt:10 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

In the VM's config file in /etc/xen we also see:

#
#  Networking
#
dhcp        = 'dhcp'
vif         = [ 'mac=00:16:3E:5A:85:B0' ]

The iptables rules on dom0:

iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootps
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:bootps

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             PHYSDEV match --physdev-out vif7.0 --physdev-is-bridged
ACCEPT     all  --  anywhere             anywhere             PHYSDEV match --physdev-in vif7.0 --physdev-is-bridged
ACCEPT     all  --  anywhere             192.168.122.0/24     state RELATED,ESTABLISHED
ACCEPT     all  --  192.168.122.0/24     anywhere            
ACCEPT     all  --  anywhere             anywhere            
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Finally, in /etc/xen/xend.conf we see the following options enabled:

(network-script network-bridge)
(vif-script vif-bridge)

Which according to the documentation is all you should need. These are Ubuntu boxes, btw.

Being new to Xen, the behaviour I would expect would be that eth0 in domU would be assigned a 192.168.0.* address from the office's dhcp server – this is how other virtualisation products I've used in the past behave (i.e. Virtualbox + VMWare).

Could someone please shed some light on this?

Cheers!

Best Answer

Found the solution, it turned out we had some interference from Qemu. Observe the following file:

# cat /etc/libvirt/qemu/networks/autostart/default.xml 
<network>
  <name>default</name>
  <bridge name="virbr0" />
  <forward/>
  <ip address="192.168.122.1" netmask="255.255.255.0">
    <dhcp>
      <range start="192.168.122.2" end="192.168.122.254" />
    </dhcp>
  </ip>
</network>

This was messing with our ability to create a bridged network, and instead was forcing NAT instead. The fix was simple - remove the file and reboot! Following this our interfaces look like this:

eth0      Link encap:Ethernet  HWaddr 54:04:a6:19:25:77  
          inet addr:192.168.0.107  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::5604:a6ff:fe19:2577/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:11544 errors:0 dropped:0 overruns:0 frame:0
          TX packets:316 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1693851 (1.6 MB)  TX bytes:37859 (37.8 KB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

peth0     Link encap:Ethernet  HWaddr 54:04:a6:19:25:77  
          inet6 addr: fe80::5604:a6ff:fe19:2577/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:16811 errors:0 dropped:0 overruns:0 frame:0
          TX packets:441 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:2309354 (2.3 MB)  TX bytes:52524 (52.5 KB)
          Interrupt:18 Memory:fb500000-fb520000 

vif2.0    Link encap:Ethernet  HWaddr fe:ff:ff:ff:ff:ff  
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:49 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11937 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32 
          RX bytes:5850 (5.8 KB)  TX bytes:1624520 (1.6 MB)

And also our bridge was automatically set up as below:

# brctl show
bridge name bridge id       STP enabled interfaces
eth0        8000.5404a6192577   no      peth0
                                    vif2.0

And so now all DomainU hosts work as intended. I hope this helps someone else :)

Best Answer

Related Solutions

Xen 3.2 networking: private and public hosts

Linux – Setting up Windows network on Xen

Related Topic