| Article Index |
|---|
| Xen mini-ISP architecture |
| Setting Basic Infrastruture |
| Installing a new VM |
| Network Infrastructure |
| Zones Security Model |
| Quick Start |
| Bugs, New Feature |
| All Pages |
Network Instrastructure
This chapter describe the necessary step to make your VM to receive a valid IP address from DHCP. All described step are obviously done automatically by Fridu script.
If you have run "/etc/init.d/xend start" after updating your config with Fridu-network script you should have a xen-br0 or what ever you choose has default bridge name. This bridge should be active with a valid local IP adress (ex: 10.10.1.1) . Now what we want if to have our VM to receive automatically a valid IP address within this bridge IP/netmask range.
I've try many options to provide VM ip address from domU, but outside of hacking startup scrip inside the VM, I did not find any smart mechanism to do the job, and as adding dhcp=dhcp seem not to work (at least on OpenSuSE), the only option is to provide a valid DHCP config for Xen VM virtual NIC.
Make you VM DHCP aware
At this level you have to make sure that within /etc/xen/vm/MyVMconfig, you provided a MAC address to your "vif" interface definition. If you forgot to do so, your NIC mac address wiil change at every boot, forcing Linux to rename eth0 to something different. You can stop this by "FORCE_PERSISTENT_NAMES" value inside /etc/sysconfig/network/config on the VM or by preventing udev to run on the VM.
| # The easiest network config is to provide a fix MAC to your VM vifgrep vig /etc/xen/vm/MyVM.conf > vif = [ 'mac=aa:bb:cc:dd:ee:03, bridge=xen-br0, vifname=xen-com' ] # Then you need that eth0 of what ever is your network name on the VM is DHCP enablecat /etc/sysconfig/network/ifcfg-eth0 > BOOTPROTO='dhcp' > NAME='Xen Virtual Ethernet card 0' > STARTMODE='auto' >USERCONTROL='no' |
Install a local DHCP server.
As the best option is to use DHCP for our VM network, we need a local DHCP. As we do not need anything big dnsmasq is the perfect product for our needs, it is very small does not require any special configuration. It takes its config values directly from /etc/hosts and /etc/ethers and also act has a local DNS, plus Internet cache. You probably won't even have to recompile it, and while it is not part of default OpenSuSE DVD it is nevertheless very easy to find on any good rpm repository like rpmfind.net. You can download my sample config for dnsmaq from Here.
| # install binary version from rpm or aptget > rpm --install dnsmasq-2.35-8.i586.rpm # If you start from my basic config the only line you should check is > dhcp-range=10.10.12.100,10.10.12.150,255.255.255.0,12h # make sure your VM is in both /etc/hosts and /etc/ethers > cat /etc/hosts > ... > 10.10.1.1 BR-01 ntp dhcp xen > 10.10.1.2 VM-02 > 10.10.1.3 VM-03 > cat /etc/ethers > ... > AA:BB:CC:DD:EE:02 VM-02 > AA:BB:CC:DD:EE:03 VM-03 # start dnsmasq > /etc/init.d/dnsmasq start # check your dnsserveur is listening your bridgeInterface > netstat -na | grep 53 | grep udp > udp 0 0 0.0.0.0:53 0.0.0.0:* # connect on your VM and check for DHCP > xm console My-VM-Domain > login: root > password: xxxxx > dhcpcd-test eth0 > dhcpcd: MAC address = aa:bb:cc:dd:ee:03 > IPADDR=10.10.1.3 > NETMASK=255.255.255.0 > NETWORK=10.10.1.0 > BROADCAST=10.10.1.255 > GATEWAY=10.10.1.1 > HOSTNAME='common' > .... # if not working !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! # check that your DHCP request is moving from your VM to Dom-0 tcpdump -i xen-vm02 ;# what ever name you choose for VM Interface > tcpdump: WARNING: xen-tst: no IPv4 address assigned > listening on xen-tst, link-type EN10MB (Ethernet), capture size 96 bytes > 01:33:46.532650 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, > 01:33:46.533101 IP br0.bootps > common.bootpc: BOOTP/DHCP, Reply, length: 310 > 01:33:46.533292 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP > 01:33:46.583977 IP br0.bootps > common.bootpc: BOOTP/DHCP, Reply, length: 319 > 01:33:46.584365 arp reply common is-at common |
Your VM should have a working internal IP adress, and you should be able to ping from your VM to Dom-0 and vice versa. As you still have no NAT(Network-Address-Translation) and no routing, you are constrain to limit yourself within your box and cannot reach Internet. Nevertheless you should be able to ping any local address including any other VM, if you have some.
Notes:
** If DHCP-TEST is working but /etc/init.d/network restart does not provide you with any adress then you need to remove checksum from DHCP. On VM /etc/sysconfig/network/dhcp DHCLIENT_UDP_CHECKSUM="no"** when making test, I had few froze of my VM vif interface, result is that DHCP does not work. If tcpdumping corresponding interface for that given VM on dom-0 we do not see any packet. Ifconfig up/down will not solve the problem, but restarting the same VM with a different vif name should work :(
Just wanted to point out that the two sets of 'Prev - Next' links at the footer of the page are slightly confusing. Maybe the bottom ones should be called 'Older/Newer Article'
BTW, this is a great resource. I will try to understand it and apply it in a similar scenario.
=========> Fulup respond ==============
I agree that having two next/prev link on the same page is confusing :( I kept Joomla default default config, which was not a good idea.
Conclusion: I removed the article/article navigation and kept only the on to browse current article.
Thank you for the TIP.