bar code for .NET [user@Dom0]# brctl show bridge name bridge id xenbr0 8000.feffffffffff in .NET Encoding QR Code in .NET [user@Dom0]# brctl show bridge name bridge id xenbr0 8000.feffffffffff

[user@Dom0]# brctl show bridge name bridge id xenbr0 8000.feffffffffff generate, create none none with none barcode generator STP enabled no Recommended GS1 barcodes for mobile apps interfaces vif1.0 peth0 vif0.0 The bridge"s name is xen none for none br0, and its MAC address is FE:FF:FF:FF:FF:FF. The guest domain"s backend interface vif1.0, the driver domain"s interface vif0.

0, and the physical interface peth0 are all connecting through the bridge xenbr0. The xenbr0 interface is responsible for delivering packets to and from the appropriate interface according to MAC addresses..

Details of Routing Mode In this section, we foll none none ow the high-level steps outlined in an earlier section and provide a detailed low-level example of configuring routing mode in Xen. As we"ve mentioned, a router is a network layer device above the link layer. It processes IP packets containing source and destination IP addresses, forwarding and routing the packets to the network segment nearer to the destination machine.

Xen"s routing mode works much like a hardware router. Guest domains are routed to the Ethernet through the driver domain. With ip_forwarding enabled in iptables in the driver domain, it acts as a router, relaying guest domains" packets from one network segment onto the external network segment.

Figure 10.8 demonstrates the topology of Xen routing mode..

Figure 10.8. The guest d omains are routed to the Ethernet through the driver domain.

The driver domain acts as the gateway of the guest domains.. In routing mode, the gue none for none st domain sets the driver domain as its gateway. Whenever the guest domain tries to send its packets to the Internet, the packets are sent to the software router first. Then the driver domain routes these packets further to the Internet.

On the other hand, when the backend vif of a guest domain receives packets from the software router, it puts the packets into the receiving buffers of its frontend interface. Then the guest domain receives the packet from its receiving buffer as it would with a physical network interface. The physical network interface in the driver domain is like one of the router"s ports that connect to the outside.

network segment. The bac kend vifs of the guest domains that lie on the different network segments are like the other ports of the router..

Routing Configuration Example First, in the Xend confi guration file, we should comment the network-bridge and vif-bridge and uncomment the network-route and vif-route. The network directives, network-script and vif-script, are shown in Listing 10.8.

Notice that the network-route and vif-route lines are the only ones uncommented. Listing 10.8.

Xend Routing Mode Configurations. # (network-script networ none for none k-bridge) # (vif-script vif-bridge) (network-script network-route) (vif-script vif-route) #(network-script network-nat) #(vif-script vif-nat). Additionally, several li nes should be added to the script /etc/xen/scripts/network-route, as shown in Listing 10.9. In newer versions of Xen, it should already be fixed.

Listing 10.9. To Fix the Xend network-route Script (if necessary).

echo 1 > /proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp The first line is the de fault line in the script, setting ip_forwarding in iptables so that the driver domain acts as a router. The second line is added to fix the default network-route script. When proxy_arp is set, the router acts as the ARP proxy for the guest domain, answering an ARP request for the guest domain when the destination address is in another network segment.

Notice that eth0 on the second line is the current working network interface in the driver domain. You would change this if you were using a different interface for routing. If using the default network-route script without the second line, when the guest domain pings a running machine"s IP, it will not receive any ICMP replies.

This problem can be clearly seen when using the network analyzer Ethereal to trace what happens to the ICMP request packets. For example, the pinged remote physical machine is 128.153.

144.148, and its MAC address is 00:04:76:35:0a:72; the guest domain is 128.153.

144.112, and its MAC address is 00:16:3e:06:54:94. First, we take a trace on the guest domain"s virtual interface vif1.

0. Figure 10.9 shows a screenshot of the Ethereal trace on the guest domain vif in routing mode.

Copyright © . All rights reserved.