VM Networking basics

posted in Hypervisor
Friday, August 01 2014, 12:40 PM
David Byng
David Byng
Offline
0
Hi,

I need some information about routing public IP addresses assigned to the hypervisor into a VM.

I have installed XEN hypervisor on Centos 6.5, I have one NIC and with IP 80.86.84.34 & Mask:255.255.255.0 I have an additional IP 85.25.14.195 Mask: 255.255.255.255

Dom0 has eth0 & virbr0 with a virtual dhcp, the VM has address 192.168.122.4 & Mask:255.255.255.0 the VM has working outbound internet connection.

How do I correctly set dom0 to route connections for 85.25.14.195 into the VM?

Many thanks for your help and apologies if this is a basic question that has been answered before, please point me in the right direction.
Responses (4)
  • Accepted Answer

    Friday, August 01 2014, 06:55 PM - #permalink
    0
    David,

    Since networking always contains choices and there are generally several different approaches to any one problem, the best choice is to review the Networking Wiki page:

    http://wiki.xenproject.org/wiki/Xen_Networking

    Look at the Bridging and Routing sections. If you prefer to look at examples, check out:

    http://wiki.xenproject.org/wiki/Network_Configuration_Examples_%28Xen_4.1%2B%29

    under the "Red Hat style" configurations.

    If those pages don't clarify things, let us know.

    Russ
    The reply is currently minimized Show
  • Accepted Answer

    David Byng
    David Byng
    Offline
    Monday, August 04 2014, 08:08 AM - #permalink
    0
    I have managed to route the public IP by adding the below route in Dom0, DomU now correctly responds to packets received by Dom0 for the public IP forwarded over virbr0.

    route add -net 85.25.14.195 gw 192.168.122.1 netmask 255.255.255.255


    My follow up question is what rule is required in IP tables to allow traffic? As currently it is blocked when the firewall is running.
    The reply is currently minimized Show
  • Accepted Answer

    David Byng
    David Byng
    Offline
    Monday, August 04 2014, 12:34 PM - #permalink
    0
    OK, so I figured out the iptables, I had to remove the REJECT line on virbr0, I also had to add the following rule to make the outbound IP from Dom0 appear correctly:
    -A POSTROUTING -s 192.168.122.2 -p tcp -j SNAT --to 85.25.14.195
    The reply is currently minimized Show
  • Accepted Answer

    Monday, August 04 2014, 08:29 PM - #permalink
    0
    David,

    Good job!

    FWIW, if you need something closer to real-time response when you are debugging an issue, you might want to try our ##xen IRC channel or the xen-users mailing list. There are more eyes watching those channels than watch here.

    Also, what you have learned could be of interest to others. Consider creating a page (or contributing to an existing one) on Wiki.XenProject.org describing the solution you came to. Networking can be tricky to document because of the number of variables (differences of network topology and differences in use case), so capturing the solutions of different people in different scenarios can increase the chance that the document will speak to the next person who comes along.

    If you'd care to document your solution, fill out the form requesting write-access to the Wiki (you can find the link on the front page of the Wiki) and then record the information in a suitable place (or in a new page).

    If you need help, contact me and I will try to facilitate.

    Again, good job!

    Russ
    The reply is currently minimized Show
Your Reply