我正在尝试在新的 Xen 服务器上设置一些 domU 主机,但是,我似乎无法让任何这些主机连接到本地网络(即办公室的 192.168.0.* 范围)。在这些主机上运行 dhclient 只会分配 192.168.122.* IP 地址,我可以从 dom0 ping 这些地址,但不能从任何外部主机(如我的工作站)ping 这些地址。以下是一些信息:
dom0的ifconfig:
eth0 Link encap:Ethernet HWaddr 54:04:a6:19:25:77
inet addr:192.168.0.107 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::5604:a6ff:fe19:2577/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:13383 errors:0 dropped:0 overruns:0 frame:0
TX packets:2193 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1808204 (1.8 MB) TX bytes:462896 (462.8 KB)
Interrupt:18 Memory:fb500000-fb520000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:72 errors:0 dropped:0 overruns:0 frame:0
TX packets:72 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:9600 (9.6 KB) TX bytes:9600 (9.6 KB)
vif7.0 Link encap:Ethernet HWaddr fe:ff:ff:ff:ff:ff
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:27 errors:0 dropped:0 overruns:0 frame:0
TX packets:363 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:32
RX bytes:4372 (4.3 KB) TX bytes:20444 (20.4 KB)
virbr0 Link encap:Ethernet HWaddr fe:ff:ff:ff:ff:ff
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:130 errors:0 dropped:0 overruns:0 frame:0
TX packets:136 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:21401 (21.4 KB) TX bytes:19171 (19.1 KB)
domU 的 ifconfig 如下:
eth0 Link encap:Ethernet HWaddr 00:16:3e:5a:85:b0
inet addr:192.168.122.51 Bcast:192.168.122.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe5a:85b0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:476 errors:0 dropped:0 overruns:0 frame:0
TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:19650 (19.6 KB) TX bytes:4750 (4.7 KB)
Interrupt:10
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
在 /etc/xen 中的 VM 配置文件中我们还看到:
#
# Networking
#
dhcp = 'dhcp'
vif = [ 'mac=00:16:3E:5A:85:B0' ]
dom0 上的 iptables 规则:
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere PHYSDEV match --physdev-out vif7.0 --physdev-is-bridged
ACCEPT all -- anywhere anywhere PHYSDEV match --physdev-in vif7.0 --physdev-is-bridged
ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
最后,在 /etc/xen/xend.conf 中我们看到启用了以下选项:
(network-script network-bridge)
(vif-script vif-bridge)
根据文档,这就是您所需要的。顺便说一下,这些是 Ubuntu 盒子。
作为 Xen 的新手,我期望的行为是 domU 中的 eth0 将从办公室的 dhcp 服务器分配一个 192.168.0.* 地址 - 这是我过去使用过的其他虚拟化产品的行为(即 Virtualbox + VMWare)。
有人可以解释一下这个问题吗?
干杯!
答案1
找到解决方案了,原来我们受到了 Qemu 的一些干扰。观察以下文件:
# cat /etc/libvirt/qemu/networks/autostart/default.xml
<network>
<name>default</name>
<bridge name="virbr0" />
<forward/>
<ip address="192.168.122.1" netmask="255.255.255.0">
<dhcp>
<range start="192.168.122.2" end="192.168.122.254" />
</dhcp>
</ip>
</network>
这影响了我们创建桥接网络的能力,而是强制使用 NAT。修复方法很简单 - 删除文件并重新启动!之后我们的界面如下所示:
eth0 Link encap:Ethernet HWaddr 54:04:a6:19:25:77
inet addr:192.168.0.107 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::5604:a6ff:fe19:2577/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11544 errors:0 dropped:0 overruns:0 frame:0
TX packets:316 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1693851 (1.6 MB) TX bytes:37859 (37.8 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
peth0 Link encap:Ethernet HWaddr 54:04:a6:19:25:77
inet6 addr: fe80::5604:a6ff:fe19:2577/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:16811 errors:0 dropped:0 overruns:0 frame:0
TX packets:441 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2309354 (2.3 MB) TX bytes:52524 (52.5 KB)
Interrupt:18 Memory:fb500000-fb520000
vif2.0 Link encap:Ethernet HWaddr fe:ff:ff:ff:ff:ff
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:49 errors:0 dropped:0 overruns:0 frame:0
TX packets:11937 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:32
RX bytes:5850 (5.8 KB) TX bytes:1624520 (1.6 MB)
而且我们的桥梁也自动设置如下:
# brctl show
bridge name bridge id STP enabled interfaces
eth0 8000.5404a6192577 no peth0
vif2.0
现在所有 DomainU 主机都按预期工作了。希望这对其他人有所帮助 :)