XEN network problem, domU's have no network connection

Discussion in 'Server Operation' started by Zeon, Oct 7, 2009.

  1. Zeon

    Zeon New Member

    Hey

    I've just installed a Debian Lenny AMD64 machine with xen 3.2-1.
    The box is up to date.
    The domU's are also Debian Lenny AMD64.
    I've installed everything according to this howto: http://www.howtoforge.com/virtualization-with-xen-on-debian-lenny-amd64


    The dom0 has a working internet connection, but none of my domU's have an outside connection.
    The domU's can ping each other without a problem, but they can't ping to the dom0 or the outside network.
    The connection is set up as a bridge with the default XEN scripts (network-bridge and vif-bridge).

    In my dom0 I see a lot of dropped packets on peth0.:
    peth0 Link encap:Ethernet HWaddr 00:24:21:ef:31:4d
    inet6 addr: fe80::224:21ff:feef:314d/64 Scope:Link
    UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
    RX packets:90489 errors:0 dropped:970655646476 overruns:0 frame:0
    TX packets:18339 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:106558714 (101.6 MiB) TX bytes:2507224 (2.3 MiB)
    Interrupt:16 Base address:0x8000


    Things I've tried:
    ping from dom0 to domU
    # ping 188.40.120.xxx
    PING 188.40.120.xxx (188.40.120.xxx) 56(84) bytes of data.
    ^C
    --- 188.40.120.xxx ping statistics ---
    67 packets transmitted, 0 received, 100% packet loss, time 66000ms

    arp -a doesn't know the domU

    # arping 188.40.120.xxx
    ARPING 188.40.120.xxx from 188.40.120.yyy eth0
    Unicast reply from 188.40.120.xxx [00:16:3E:FA:33:D5] 0.566ms
    Unicast reply from 188.40.120.xxx [00:16:3E:FA:33:D5] 0.555ms
    ^CSent 2 probes (1 broadcast(s))
    Received 2 response(s)

    Ping on domU to dom0
    ping 188.40.120.yyy
    PING 188.40.120.yyy (188.40.120.yyy) 56(84) bytes of data.
    ^C
    --- 188.40.120.yyy ping statistics ---
    14 packets transmitted, 0 received, 100% packet loss, time 13013ms

    on the same time a tcpdump on dom0:
    # tcpdump -lfni vif2.0
    20:59:20.342860 IP 188.40.120.xxx > 188.40.120.yyy: ICMP echo request, id 15621, seq 9, length 64
    20:59:21.342865 IP 188.40.120.xxx > 188.40.120.yyy: ICMP echo request, id 15621, seq 10, length 64
    20:59:22.342861 IP 188.40.120.xxx > 188.40.120.yyy: ICMP echo request, id 15621, seq 11, length 64
    20:59:23.342860 IP 188.40.120.xxx > 188.40.120.yyy: ICMP echo request, id 15621, seq 12, length 64

    No replies pass here but:
    # tcpdump -lfni eth0
    21:02:36.794903 IP 188.40.120.xxx > 188.40.120.yyy: ICMP echo request, id 15877, seq 20, length 64
    21:02:36.795015 IP 188.40.120.yyy> 188.40.120.xxx: ICMP echo reply, id 15877, seq 20, length 64
    21:02:36.794925 IP 188.40.120.yyy> 188.40.120.xxx: ICMP echo reply, id 15877, seq 20, length 64
    21:02:37.794849 IP 188.40.120.xxx > 188.40.120.yyy: ICMP echo request, id 15877, seq 21, length 64


    On dom0 while pinging to domU:
    # tcpdump -lfn
    [ 81.393249] device eth0 entered promiscuous mode
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
    19:17:05.296316 IP 188.40.120.xxx > 188.40.120.yyy: ICMP echo request, id 11013, seq 62, length 64
    19:17:06.296328 IP 188.40.120.xxx > 188.40.120.yyy: ICMP echo request, id 11013, seq 63, length 64
    19:17:07.296315 IP 188.40.120.xxx > 188.40.120.yyy: ICMP echo request, id 11013, seq 64, length 64

    while pinging from dom0 to domU tcpdump on dom0:
    19:17:57.557410 arp who-has 188.40.120.xxx (ff:ff:ff:ff:ff:ff) tell 188.40.120.yyy
    19:17:57.557463 arp reply 188.40.120.xxx is-at 00:16:3e:fa:33:d5
    19:17:58.560049 arp who-has 188.40.120.xxx (00:16:3e:fa:33:d5) tell 188.40.120.yyy
    19:17:58.560054 arp reply 188.40.120.xxx is-at 00:16:3e:fa:33:d5


    Relevant information:
    ifconfig on dom0:
    eth0 Link encap:Ethernet HWaddr 00:24:21:ef:31:4d
    inet addr:188.40.120.yyy Bcast:188.40.120.191 Mask:255.255.255.192
    inet6 addr: fe80::224:21ff:feef:314d/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:24920 errors:0 dropped:0 overruns:0 frame:0
    TX packets:18111 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:24466827 (23.3 MiB) TX bytes:2488546 (2.3 MiB)

    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    inet6 addr: ::1/128 Scope:Host
    UP LOOPBACK RUNNING MTU:16436 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

    peth0 Link encap:Ethernet HWaddr 00:24:21:ef:31:4d
    inet6 addr: fe80::224:21ff:feef:314d/64 Scope:Link
    UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
    RX packets:90489 errors:0 dropped:970655646476 overruns:0 frame:0
    TX packets:18339 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:106558714 (101.6 MiB) TX bytes:2507224 (2.3 MiB)
    Interrupt:16 Base address:0x8000

    vif3.0 Link encap:Ethernet HWaddr fe:ff:ff:ff:ff:ff
    inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
    UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
    RX packets:55 errors:0 dropped:0 overruns:0 frame:0
    TX packets:65601 errors:0 dropped:3 overruns:0 carrier:0
    collisions:0 txqueuelen:32
    RX bytes:3450 (3.3 KiB) TX bytes:81533940 (77.7 MiB)

    vif7.0 Link encap:Ethernet HWaddr fe:ff:ff:ff:ff:ff
    inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
    UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
    RX packets:123 errors:0 dropped:0 overruns:0 frame:0
    TX packets:162 errors:0 dropped:49 overruns:0 carrier:0
    collisions:0 txqueuelen:32
    RX bytes:9708 (9.4 KiB) TX bytes:21007 (20.5 KiB)

    ifconfig on domU:
    eth0 Link encap:Ethernet HWaddr 00:16:3e:fa:33:d5
    inet addr:188.40.120.xxx Bcast:188.40.120.191 Mask:255.255.255.192
    inet6 addr: fe80::216:3eff:fefa:33d5/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:167 errors:0 dropped:0 overruns:0 frame:0
    TX packets:123 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:21349 (20.8 KiB) TX bytes:11430 (11.1 KiB)

    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    inet6 addr: ::1/128 Scope:Host
    UP LOOPBACK RUNNING MTU:16436 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

    # brctl show
    bridge name bridge id STP enabled interfaces
    eth0 8000.002421ef314d no peth0
    vif3.0
    vif7.0

    dom0:
    # ip route list
    188.40.120.128/26 via 188.40.120.129 dev eth0
    188.40.120.128/26 dev eth0 proto kernel scope link src 188.40.120.132
    default via 188.40.120.129 dev eth0

    domU:
    # ip route show
    188.40.120.128/26 dev eth0 proto kernel scope link src 188.40.120.187
    default via 188.40.120.129 dev eth0

    I'm really hoping someone can give me a hand with this problem :)

    Thanks in advance!

    Zeon
     
  2. falko

    falko Super Moderator ISPConfig Developer

    Have you tried to ask your hoster? Maybe they need to modify the routing for the networking to work.
     
  3. Zeon

    Zeon New Member

    Hey

    I found out that my hoster apparently blocks bridged setups.

    I just changed it to a routed setup and it works.
    The strange thing is that a ping from domU to dom0 didn't work, since this wouldn't go through the external network.

    The problems is solved, but I have a good workaround :).

    Thanks for thinking with me.
     

Share This Page