
Re: [Xen-users] Help me to set up network (routes)



Fajar A. Nugraha wrote:
You can. Easily.
RHEL5 by default has libvirt, which would create a bridge called
virbr0. Just assign your domUs to that bridge and they will be
automagically NAT-ed without having to setup any iptables rules
manually.

I'm on Gentoo, and libvirt is *masked* for installation there, so I can't use it ;-(

But you gave me a good idea: to port my thoughts from my Qemu network to Xen.

Today I rewrote the vif-nat script and made my own. And it works! This is NOT a great script, because only one Xen machine can grab the network (really, I didn't test it on 2 or more VMs, so I think it cannot work). But I love my hardware and never, never run more than one VM. My script is, of course, for me only.

But I decided to post it here, on the mailing list, because maybe someone will find it later via Google ;-)

=============================
%# cat > /etc/xen/scripts/vif-tap << "EOF"
#!/bin/bash

# written by AlannY (m@xxxxxxxxx) from vif-nat.
# 8 May 2009
# public domain

dir=$(dirname "$0")
. "$dir/vif-common.sh"

if [ "$ip" = "" ]; then
  fatal 'IP not found in config'
fi

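# the domU address without any /prefix suffix
domU_ip=$(echo "$ip" | awk -F/ '{print $1}')

# dom0 takes .1 and the broadcast is .255 of the same /24
dom0_ip=$(echo "$domU_ip" | awk -F. '{print $1"."$2"."$3".1"}')
dom0_broadcast=$(echo "$domU_ip" | awk -F. '{print $1"."$2"."$3".255"}')

# string comparison: -eq is integer-only and fails on dotted addresses
if [ "$domU_ip" = "$dom0_ip" ]; then
  fatal 'DomU IP cannot be Dom0 IP'
fi

if [ "$domU_ip" = "$dom0_broadcast" ]; then
  fatal 'DomU IP cannot be Dom0 broadcast'
fi

# it's a HACK
tap=$(echo "$vif" | sed s/vif/tap/)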

case "$command" in
    online)
        if ip route | grep -q "dev $tap"
        then
          log debug "$tap already up"
          exit 0
        fi

        do_or_die ifconfig "$tap" up "$dom0_ip" netmask "255.255.255.0" broadcast "$dom0_broadcast"

        do_or_die iptables -t nat -A POSTROUTING -s "$domU_ip" -j MASQUERADE
        do_or_die iptables -t nat -A POSTROUTING -d "$domU_ip" -o "$tap"
        ;;
    offline)
        do_without_error ifconfig "$vif" down

        do_without_error iptables -t nat -D POSTROUTING -s "$domU_ip" -j MASQUERADE
        do_without_error iptables -t nat -D POSTROUTING -d "$domU_ip" -o "$tap"
        ;;
esac

log debug "Successful vif-tap $command for $tap."

if [ "$command" = "online" ]; then
  success
fi
EOF
%# chmod 0755 /etc/xen/scripts/vif-tap

Also, edit /etc/xen/xend-config.sxp and replace:

(network-script /bin/true)
(vif-script     vif-tap)

In every virtual machine configuration file use:

vif = [ 'ip=xx.xx.xx.xx' ]

for example:

vif = [ 'ip=10.0.2.2' ]

In the virtual OS use the following settings:

ip=vif_ip # (see above), for example 10.0.2.2
netmask=255.255.255.0
gateway=xx.xx.xx.1 # based on vif_ip with 1 at the end, for example 10.0.2.1
========================================

This is only my 3rd (or 2nd) day using Xen, and I don't understand how Xen works with TUN/TAP and why vifs are so important. So I decided to turn off the vifs and leave only the virtual TUN/TAP driver, which, of course, does the main job. Maybe it's a core mistake and it can't be applied to Xen, but this script works ;-) And this is all I need ;-) As I said before, this script is only for my purpose.

The problem is solved. Thanks for your patience ;-)

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
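
An added example, not part of the original post or of Xen's scripts: the posted vif-tap script passes the `ip=` value from the VM configuration to `ifconfig` and `iptables` as root in dom0, so it is worth parsing strictly first. The function name `derive_vif_addrs` is hypothetical; the /24 layout with dom0 on `.1` and broadcast on `.255` is the script's own assumption.

```shell
#!/bin/bash
# Added example, not part of the posted vif-tap script.
# derive_vif_addrs IP[/PREFIX]
#   Prints "domU_ip dom0_ip dom0_broadcast" and returns 0, or returns 1 if
#   the value is not a usable host address in a /24 (the script's assumption).
derive_vif_addrs() {
    local addr octet old_ifs
    addr=${1%%/*}                      # drop an optional /prefix

    # Only digits and dots, no empty groups; this also rules out spaces,
    # shell metacharacters and glob characters before the split below.
    case $addr in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac

    old_ifs=$IFS; IFS=.
    set -- $addr                       # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1

    for octet in "$@"; do
        case $octet in
            0?*) return 1 ;;           # leading zero: inet_aton-style parsers read it as octal
        esac
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done

    # The host part must not be the network (.0), dom0 (.1) or broadcast (.255).
    case $4 in
        0|1|255) return 1 ;;
    esac

    printf '%s %s %s\n' "$addr" "$1.$2.$3.1" "$1.$2.$3.255"
}
```

In a hotplug script the call would sit before the first `ifconfig` or `iptables` invocation, with `fatal` on a non-zero return.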


 

