Re: [Xen-users] iptables in dom0 with bridge: no more outbound connections
Quoting Nico Kadel-Garcia <nkadel@xxxxxxxxx>:

> Peter Fokkinga wrote:
>> [...]
>> Now for the real spooky part:
>> 1. I booted into dom0 (no xend)
>> 2. executed `telnet 129.125.14.12 daytime`, it works
>> 3. started xend
>> 4. executed `telnet 129.125.14.12 daytime`, it still works (surprise!)
>> 5. executed `telnet 129.125.14.13 daytime`, it does not work
>
> DNS cache, I think.

But I'm using IP addresses, not names? I don't see how DNS fits in this picture.

> It's been discussed before: I haven't had a chance to pursue it, myself.
> Basically, after you start Xend, traffic going *out* from Dom0 goes
> through peth0, as near as I can tell, not eth0.

Ok, but why is iptables interfering? I'm not referring to eth0 in my rules. If I flush iptables after starting Xend everything is fine, troubles start the moment I re-activate the rules.

I get the feeling iptables does not remember its state, so my rule

    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

has no effect. Kernel modules xt_state and ip_conntrack are loaded.

Peter

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users