Hi, Tom -- Replying to:
> As I point out in the XenMyWay-Routed doc, the 'out of the box' routed > domU configuration _will not_ connect to the network (it can connect to > the dom0). You can correct that problem by doing this: > > echo 1 > /proc/sys/net/ipv4/conf/<external interface>/proxy_arp > > Note that Shorewall will do that for you once you have it properly > configured. I know that, and I made sure that proxy ARP was enabled for the interface in question, as you've described. But as best I can tell, this is NOT the basis of the problems I've been running into. My problem is NOT an inability of working domU's to connect to the network. Rather, my problem is that routing configuration problems have prevented domU's from starting up AT ALL -- and when I finally did manage to kludge together a Xen networking setup where domU's could be successfully created, a Shorewall running on the Xen box (in dom0) was unable to deal with the network traffic (as illustrated by the SNAT problem I described). The thing that's really frustrating here is that even though I thought I was following your instructions for setting up a routed configuration, something was clearly going wrong, because it simply wouldn't work (my domU's claimed to be running into some unspecified networking setup error in vif-route and would not start). And when, after much trial and error, I did finally manage to put together something that appeared to work, I discovered that Shorewall simply wouldn't behave properly with my setup (as you've seen). I've gone back to Square One and am trying, again, to get a vanilla routed Xen configuration (without any bridging whatsoever) to work. So far, I'm having no success; when I try to create a domU, vif-route logs a cryptic network setup error, and my "xm create" command exits without having accomplished a thing. Any suggestions are welcome. I've described my problem on xen-users, but so far at least, no one over there has come up with anything useful. -- Rich Wales === Palo Alto, CA, USA === [EMAIL PROTECTED] http://www.richw.org === http://en.wikipedia.org/wiki/User:Richwales ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
