[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Re: problems with xen installation


  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: Andy Smith <andy@xxxxxxxxxxxxxx>
  • Date: Fri, 30 Dec 2005 15:14:26 +0000
  • Delivery-date: Fri, 30 Dec 2005 15:19:00 +0000
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
  • Openpgp: id=BF15490B; url=http://strugglers.net/~andy/pubkey.asc

On Fri, Dec 30, 2005 at 08:23:42PM +0530, Anand wrote:
> 
>    Dear Andy,
>    Thanks for the reply.
>    >As you noted the vif name will change every time a domain is
>    >restarted.  In Xen 2.x you can use the vifname config directive to
>    >hardcode vif names per domain.  You can also do this in 3.0 if you
>    >use a snapshot of -unstable that has this functionality (apologies,
>    >I do not know exactly when it was (re)added).
>    Thanks, thats indeed excellent news. May i ask is the snapshot stable
>    enough to use on the production box (sorry if it sounds a stupid
>    question to you). I am using 3.0 stable rpm from xensource on centos
>    4.1 right now.

I can't advise on this I'm afraid as I'm not using it heavily in
production.

It works nicely in the latest 2.x which is what I'm running in
production.

>    >You can measure the bandwidth use of the vif interfaces in dom0,
>    >either by parsing /proc/net/devices periodically or by polling SNMP.
>    This will give the problem of the vifname changing everytime and hence
>    loosing track of the vif to whom the bandwidth should be accounted to.

Yes you do need to use vifname for this to work.

>    >Finally you could also use iptables in dom0 and the physdev module
>    >to add rules for traffic going in/out particular vifs, and poll its
>    >counters to measure bandwidth.
>    Is it possible for you to direct me to some examples ? It will really
>    help.

This too requires static vif names.  Off the top of my head:

iptables -N accounting_in
iptables -N accounting_out

iptables -A FORWARD -m physdev --physdev-out vif+ -j accounting_in
iptables -A FORWARD -m physdev --physdev-in  vif+ -j accounting_out

iptables -A accounting_in  -m physdev --physdev-out vif-foo+ -j RETURN
iptables -A accounting_out -m physdev --physdev-in  vif-foo+ -j RETURN

The above iptables commands check all forwarded traffic to see if it
came from/to a vif, if they do they are checked to see if they
specifically went through an interface name matching "vif-foo*".
You can then use

iptables -v --list accounting_in
iptables -v --list accounting_out

to view the packet and byte counters for those tables.

Note this matches only IP traffic.  You'll need to use ip6tables to
match IPv6.

Without static vif names you could add rules to the bridge interface
and try to match only things going to or coming from the IP
addresses that you have assigned but that seems even more hackish to
me..

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.