[geeks] the virtualization project

Shannon shannon at widomaker.com
Sat Sep 17 21:20:13 CDT 2011 

On Sep 17, 2011, at 15:07 , Patrick Finnegan wrote:

>> bridge name	bridge id	STP		interfaces
>> eth0		8000.blah blah	NO		peth0
>>
>> I don't get that... its listing eth0 as a bridge?
>
> Yep. Once you install Xen, it renames your physical interface to peth0,
> and creates a bridge to use for itself, named eth0.  In doing this is
> where the default gateway goes away (which you noticed in another
> message).

Thanks for this note. I thought somehow it was going to do what it did on
NetBSD. Xen on NetBSD requires you to specifically make a bridge.

So, nice to know... but its still not working.

The Xen wiki says that bridged packets go through PREROUTING, FORWARD, and
POSTROUTING rules in the iptables chains (I assume they mean if you are
hosting on Linux) and that its likely FORWARDING is dropping them.

So maybe its the firewall that is breaking things. I'm going to try and enable
firewall logs to see if it will show me what rule is firing when Xen guests
try to send packets.

> Yes, since eth0 is the bridge made from peth0.  IIRC, peth0 will have to
> be up for the bridge device (eth0) to work.

No commands given for peth0 work at all, it becomes a purely physical ethernet
interface. Everything is done on the bridge once Xen munges things according
to the Xen wiki.

I can seem why they do this: you continue to use networking commands as you
did before, and it hides (to varying degrees of success) the fact you are
really configuring the bridge. When the machine first boots it will apply
those commands to the real eth0 before switching it, so its a rather scripted
illusion :)

One article I read suggested turning off Xen's bridge scripts and set up
Debian bridging yourself. They said while slightly more work, it avoided a
number of problems, though I wasn't clear at the time which problems.

I think first I'm going to make firewall logs as verbose as possible and see
if they are blocking the guests as the wiki suggests.


--
"Where some they sell their dreams for small desires."

More information about the geeks mailing list