9 Replies Latest reply: Oct 1, 2013 10:32 PM by 661705 RSS

    No internet/LAN access from/to outside and domU

    922042
      I've installed oracle VM 2.2.2 and proceeded to setup a RAC system using the 11gR2 templates.
      Right after network configuration I wanted to login directly using putty rather than the oracle VMM console and failed. This is when I started digging and experimenting.
      Right now I have 2 virtual machines in the VMS which can ping each other and can ping the server (dom0). also, the server can ping the outside wold and the domU. But domU cannot ping outside world.

      In a more graphical explanation, this looks like this:

      LAN <-> dom0 (ping ok either way)
      dom0 <-> domU (ping ok either way)
      LAN --- domU (ping not working at all)

      VM is configured with bridged networking.

      I noticed others also have this problem but there is no solution yet as I could find.

      I changed default xen config from
      #(network-script network-bridge)
      (network-script network-bridges)
      to
      (network-script network-bridge)
      #(network-script network-bridges)

      in order to also get the IP on eth0

      but this didn't have any other effects as far as I can see.

      intended configuration (in case something is wrong there and I'm not seeing it)

      LAN:
      GW: 192.168.14.1
      NM: 255.255.255.0

      dom0:
      IP: 192.168.14.200
      NM: 255.255.255.0
      GW: 192.168.14.1 (so that it will go out into the internet, through the LAN default gateway)

      domU:
      public
      IP: 192.168.14.211 (212,213,..)
      NM: 255.255.255.0
      GW: 192.168.14.200 (I also tried 192.168.14.1 without any luck)
      private:
      IP: 192.168.114.211 (212,213,..)
      NM: 255.255.255.0
      GW: 192.168.114.211

      dom1 ping dom2 works on both public and private IPs.
      dom0 ping dom1,2 works on public ip 192.168.14.x
      dom0 ping GW 192.168.14.1 works fine
      dom1 ping GW 192.168.14.1 fails with
      From 192.168.14.211 icmp_seq=1 Destination Host Unreachable

      (I would expect this reply to be coming from 192.168.14.200 which is the default GW for this subnet on domU, but maybe my networking expectations are wrong?)
      dom0
      # brctl show
      bridge name     bridge id               STP enabled     interfaces
      xenbr0          8000.000c29adc2ec       no              vif2.0
                                                              vif1.0
                                                              eth0
      xenbr1          8000.000c29adc2f6       no              vif2.1
                                                              vif1.1
                                                              eth1
      xenbr2          8000.000c29adc200       no              eth2
      dom0
      # ifconfig
      eth0      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:EC
                inet addr:192.168.14.200  Bcast:192.168.14.255  Mask:255.255.255.0
                inet6 addr: fe80::20c:29ff:fead:c2ec/64 Scope:Link
                UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
                RX packets:126127 errors:0 dropped:0 overruns:0 frame:0
                TX packets:142498 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:1000
                RX bytes:10134769 (9.6 MiB)  TX bytes:28014848 (26.7 MiB)
                Interrupt:17 Base address:0x2000
      
      eth1      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:F6
                inet6 addr: fe80::20c:29ff:fead:c2f6/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:53169 errors:0 dropped:0 overruns:0 frame:0
                TX packets:155 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:1000
                RX bytes:4838223 (4.6 MiB)  TX bytes:29383 (28.6 KiB)
                Interrupt:18 Base address:0x2080
      
      eth2      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:00
                inet6 addr: fe80::20c:29ff:fead:c200/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:53192 errors:0 dropped:0 overruns:0 frame:0
                TX packets:103 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:1000
                RX bytes:4843373 (4.6 MiB)  TX bytes:26844 (26.2 KiB)
                Interrupt:19 Base address:0x2400
      
      lo        Link encap:Local Loopback
                inet addr:127.0.0.1  Mask:255.0.0.0
                inet6 addr: ::1/128 Scope:Host
                UP LOOPBACK RUNNING  MTU:16436  Metric:1
                RX packets:38563 errors:0 dropped:0 overruns:0 frame:0
                TX packets:38563 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:0
                RX bytes:7482112 (7.1 MiB)  TX bytes:7482112 (7.1 MiB)
      
      vif1.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
                inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:2364 errors:0 dropped:0 overruns:0 frame:0
                TX packets:50167 errors:0 dropped:175 overruns:0 carrier:0
                collisions:0 txqueuelen:32
                RX bytes:79311 (77.4 KiB)  TX bytes:4601272 (4.3 MiB)
      
      vif1.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
                inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:26 errors:0 dropped:0 overruns:0 frame:0
                TX packets:51483 errors:0 dropped:154 overruns:0 carrier:0
                collisions:0 txqueuelen:32
                RX bytes:1160 (1.1 KiB)  TX bytes:4689578 (4.4 MiB)
      
      vif2.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
                inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:4222 errors:0 dropped:0 overruns:0 frame:0
                TX packets:48378 errors:0 dropped:206 overruns:0 carrier:0
                collisions:0 txqueuelen:32
                RX bytes:162754 (158.9 KiB)  TX bytes:4502583 (4.2 MiB)
      
      vif2.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
                inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:30 errors:0 dropped:0 overruns:0 frame:0
                TX packets:50244 errors:0 dropped:186 overruns:0 carrier:0
                collisions:0 txqueuelen:32
                RX bytes:1272 (1.2 KiB)  TX bytes:4577492 (4.3 MiB)
      
      xenbr0    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:EC
                inet addr:192.168.14.200  Bcast:0.0.0.0  Mask:255.255.255.0
                inet6 addr: fe80::20c:29ff:fead:c2ec/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:132361 errors:0 dropped:0 overruns:0 frame:0
                TX packets:137740 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:0
                RX bytes:8584655 (8.1 MiB)  TX bytes:27843674 (26.5 MiB)
      
      xenbr1    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:F6
                inet6 addr: fe80::20c:29ff:fead:c2f6/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:52855 errors:0 dropped:0 overruns:0 frame:0
                TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:0
                RX bytes:4071294 (3.8 MiB)  TX bytes:4386 (4.2 KiB)
      
      xenbr2    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:00
                inet6 addr: fe80::20c:29ff:fead:c200/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:52721 errors:0 dropped:0 overruns:0 frame:0
                TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:0
                RX bytes:4066860 (3.8 MiB)  TX bytes:4386 (4.2 KiB)
      domU
      # ifconfig
      eth0      Link encap:Ethernet  HWaddr 00:16:3E:06:AC:F9
                inet addr:192.168.14.211  Bcast:192.168.14.255  Mask:255.255.255.0
                inet6 addr: fe80::216:3eff:fe06:acf9/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:43810 errors:0 dropped:0 overruns:0 frame:0
                TX packets:3351 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:1000
                RX bytes:4107179 (3.9 MiB)  TX bytes:187816 (183.4 KiB)
      
      eth1      Link encap:Ethernet  HWaddr 00:16:3E:2F:2C:5C
                inet addr:192.168.114.211  Bcast:192.168.114.255  Mask:255.255.255.0
                inet6 addr: fe80::216:3eff:fe2f:2c5c/64 Scope:Link
                UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                RX packets:44784 errors:0 dropped:0 overruns:0 frame:0
                TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:1000
                RX bytes:4113548 (3.9 MiB)  TX bytes:888 (888.0 b)
      
      lo        Link encap:Local Loopback
                inet addr:127.0.0.1  Mask:255.0.0.0
                inet6 addr: ::1/128 Scope:Host
                UP LOOPBACK RUNNING  MTU:16436  Metric:1
                RX packets:1751 errors:0 dropped:0 overruns:0 frame:0
                TX packets:1751 errors:0 dropped:0 overruns:0 carrier:0
                collisions:0 txqueuelen:0
                RX bytes:182759 (178.4 KiB)  TX bytes:182759 (178.4 KiB)
      dom0
      # route -n
      Kernel IP routing table
      Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
      192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 xenbr0
      192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
      169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
      0.0.0.0         192.168.14.1    0.0.0.0         UG    0      0        0 eth0
      domU
      ]# route -n
      Kernel IP routing table
      Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
      192.168.114.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
      192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
      0.0.0.0         192.168.14.200  0.0.0.0         UG    0      0        0 eth0
      domU
      On dom0, I also tried logging in iptables, adding log target as first rule in NAT, RAW and INPUT tables, on icmp packets, no other filtering, but the pings to 192.168.14.1 don't show up at all, only to 192.168.14.200
      iptraf, tcpdump don't show anything coming from 192.168.14.211 while pinging any address (.1 or .200 which is a bit weird for me since I would expect at least the .200 to show up). tcp connections show up, it's just the icmp ones that don't

      I'm out of ideas on what to try so any suggestion is welcome.

      Thank you.
        • 1. Re: No internet/LAN access from/to outside and domU
          821215
          Your domU should have the GW set to 192.168.14.1.

          You shouldn't need to do anything to iptables on dom0 unless you've done something non-standard.

          Try:
          1) Changing the xen bridge config back to what it was. The IP address for dom0 should be on xenbr0, not eth0, and you definitely shouldn't see the IP address for dom0 registered on both eth0 and xenbr0. After changing the bridge config reboot the server (dom0)
          2) Change the GW of the domU guests to 192.168.14.1 (i.e. the real gateway on your LAN)

          Edited by: user10786594 on 16/03/2012 15:36
          • 2. Re: No internet/LAN access from/to outside and domU
            922042
            Thanks for the reply. Unfortunately, that's how the network config looks like after initial installation and it does not work.
            I installed fresh both the VM and the machines. Right after installation finished, I got an error regarding the SCAN name resolution, which is most likely because of this same issue since the DNS is also the gateway and the gateway is nto pingable or otherwise reachable.

            here is how things look like after a fresh installation

            (to note that I had to manually ad the default gateway to dom0 and populate /etc/resolf.conf. my dom0 is configured to use DHCP but appears to not respond properly to it.)

            also, resolution is very slow so I added the VMM and VM to each others hostfile, as adding the serverpool would timeout in VMM because of the dns resolution lag. Which I dont;' know why happens since everything is local. but I don't think this is an issue when pinging the gateway since I use IPs

            That's all the "non-standard" changes I made to the default installation
            # brctl show
            bridge name     bridge id               STP enabled     interfaces
            xenbr0          8000.000c29adc2ec       no              vif2.0
                                                                    vif1.0
                                                                    eth0
            xenbr1          8000.000c29adc2f6       no              vif2.1
                                                                    vif1.1
                                                                    eth1
            xenbr2          8000.000c29adc200       no              eth2
            dom0
            # ifconfig
            eth0      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:EC
                      inet6 addr: fe80::20c:29ff:fead:c2ec/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:5992363 errors:3 dropped:3 overruns:0 frame:0
                      TX packets:1384895 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:1000
                      RX bytes:506002791 (482.5 MiB)  TX bytes:92216241 (87.9 MiB)
                      Interrupt:17 Base address:0x2000
            
            eth1      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:F6
                      inet6 addr: fe80::20c:29ff:fead:c2f6/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:1176 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:84 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:1000
                      RX bytes:97271 (94.9 KiB)  TX bytes:14991 (14.6 KiB)
                      Interrupt:18 Base address:0x2080
            
            eth2      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:00
                      inet6 addr: fe80::20c:29ff:fead:c200/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:1169 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:1000
                      RX bytes:99831 (97.4 KiB)  TX bytes:13993 (13.6 KiB)
                      Interrupt:19 Base address:0x2400
            
            lo        Link encap:Local Loopback
                      inet addr:127.0.0.1  Mask:255.0.0.0
                      inet6 addr: ::1/128 Scope:Host
                      UP LOOPBACK RUNNING  MTU:16436  Metric:1
                      RX packets:18137 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:18137 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:0
                      RX bytes:3679328 (3.5 MiB)  TX bytes:3679328 (3.5 MiB)
            
            vif1.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
                      inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:252 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:312 errors:0 dropped:83 overruns:0 carrier:0
                      collisions:0 txqueuelen:32
                      RX bytes:7580 (7.4 KiB)  TX bytes:17030 (16.6 KiB)
            
            vif1.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
                      inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:19 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:543 errors:0 dropped:16 overruns:0 carrier:0
                      collisions:0 txqueuelen:32
                      RX bytes:944 (944.0 b)  TX bytes:35036 (34.2 KiB)
            
            vif2.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
                      inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:250 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:310 errors:0 dropped:58 overruns:0 carrier:0
                      collisions:0 txqueuelen:32
                      RX bytes:7412 (7.2 KiB)  TX bytes:16834 (16.4 KiB)
            
            vif2.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
                      inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:21 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:542 errors:0 dropped:16 overruns:0 carrier:0
                      collisions:0 txqueuelen:32
                      RX bytes:1028 (1.0 KiB)  TX bytes:34966 (34.1 KiB)
            
            xenbr0    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:EC
                      inet addr:192.168.14.200  Bcast:0.0.0.0  Mask:255.255.255.0
                      inet6 addr: fe80::20c:29ff:fead:c2ec/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:5992663 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:1384374 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:0
                      RX bytes:422109086 (402.5 MiB)  TX bytes:92191064 (87.9 MiB)
            
            xenbr1    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:F6
                      inet6 addr: fe80::20c:29ff:fead:c2f6/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:916 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:0
                      RX bytes:62837 (61.3 KiB)  TX bytes:4570 (4.4 KiB)
            
            xenbr2    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:00
                      inet6 addr: fe80::20c:29ff:fead:c200/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:789 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:0
                      RX bytes:56527 (55.2 KiB)  TX bytes:4570 (4.4 KiB)
            dom0
            # route -n
            Kernel IP routing table
            Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
            192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 xenbr0
            0.0.0.0         192.168.14.1    0.0.0.0         UG    0      0        0 xenbr0
            domU
            # ifconfig
            eth0      Link encap:Ethernet  HWaddr 00:16:3E:71:5D:F4
                      inet addr:192.168.14.211  Bcast:192.168.14.255  Mask:255.255.255.0
                      inet6 addr: fe80::216:3eff:fe71:5df4/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:372 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:340 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:1000
                      RX bytes:20501 (20.0 KiB)  TX bytes:17948 (17.5 KiB)
            
            eth1      Link encap:Ethernet  HWaddr 00:16:3E:01:81:9B
                      inet addr:192.168.114.211  Bcast:192.168.114.255  Mask:255.255.255.0
                      inet6 addr: fe80::216:3eff:fe01:819b/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:624 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:1000
                      RX bytes:38513 (37.6 KiB)  TX bytes:958 (958.0 b)
            
            lo        Link encap:Local Loopback
                      inet addr:127.0.0.1  Mask:255.0.0.0
                      inet6 addr: ::1/128 Scope:Host
                      UP LOOPBACK RUNNING  MTU:16436  Metric:1
                      RX packets:122 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:122 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:0
                      RX bytes:11903 (11.6 KiB)  TX bytes:11903 (11.6 KiB)
            domU
            # route -n
            Kernel IP routing table
            Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
            192.168.114.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
            192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
            0.0.0.0         192.168.14.1    0.0.0.0         UG    0      0        0 eth0
            dom0
            # ping 192.168.14.1
            PING 192.168.14.1 (192.168.14.1) 56(84) bytes of data.
            64 bytes from 192.168.14.1: icmp_seq=1 ttl=64 time=0.205 ms
            
            --- 192.168.14.1 ping statistics ---
            1 packets transmitted, 1 received, 0% packet loss, time 0ms
            rtt min/avg/max/mdev = 0.205/0.205/0.205/0.000 ms
            domU
            # ping 192.168.14.200
            PING 192.168.14.200 (192.168.14.200) 56(84) bytes of data.
            64 bytes from 192.168.14.200: icmp_seq=1 ttl=64 time=0.080 ms
            
            --- 192.168.14.200 ping statistics ---
            1 packets transmitted, 1 received, 0% packet loss, time 0ms
            rtt min/avg/max/mdev = 0.080/0.080/0.080/0.000 ms
            
            # ping 192.168.14.1
            PING 192.168.14.1 (192.168.14.1) 56(84) bytes of data.
            From 192.168.14.211 icmp_seq=1 Destination Host Unreachable
            From 192.168.14.211 icmp_seq=2 Destination Host Unreachable
            From 192.168.14.211 icmp_seq=3 Destination Host Unreachable
            
            --- 192.168.14.1 ping statistics ---
            4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3006ms
            , pipe 3
            I strongly feel the problem lies on dom0 and all the bridging going on there.
            • 3. Re: No internet/LAN access from/to outside and domU
              821215
              The output you've provided all look sensible.

              I have had issues with Oracle VM 2.2.1 before where packets would try to go out VIF and hit the bridge, but not make it any further. You could be seeing something similar which could explain why you can ping dom0 but nothing further.

              Can you do a tcpdump on:
              - eth0 inside domU
              - vif on dom0 that corresponds to domU (e.g. vif1.0)
              - xenbr0 on dom0
              - eth0 on dom0

              Then see how far your ping gets. When I had issues, the packets would make it as far as the xenbr interface, but never get passed on to the underlying interface (eth0). I opened an SR with Oracle Support and unfortunately they were unable to find anything conclusive, however upgrading from 2.2.1 to 2.2.2 solved the issue for me.

              Can you also download "vmpinfo" from the MoS site, run it, and have a look at the summary HTML file for any issues it detects in your configuration.
              • 4. Re: No internet/LAN access from/to outside and domU
                922042
                any idea: isn't there a codebox like tag I can use that is like code but has scrollbars?

                tcpdump on vif1.0 for dom1 while pinging 192.168.14.1 shows only arp who-has packets
                tcpdump on xenbr0 and eth0 show the exact same packets

                I'm not sure what you want me to look/test for with tcpdump on domU ...

                btw, I'm using OVM 2.2.2 already ...


                vmpinfo on dom0 shows:
                # vmpinfo
                * * * * * *
                * VMPInfo Host Resource Pre-check
                *
                * Using /etc/vmpinfo.conf
                * MD5 ok: fd98e021f389c27ef68017f798a8cef1
                * Init global variables: ok
                * Checking selected options: ok
                * Machine and OS type:  Xen_Dom0:Oracle VM server release 2.2.2
                * Check available disk space, memory and cpu resources:
                *  /  1906 MB ok
                *  /tmp/vmpinfo  1906 MB ok
                * Free Memory 317 MB ok
                * CPU idle is 97%
                * IOWait is 2%
                * Writing help cache: ok
                * Generate Clusterview templates: ok
                * Initialize Report Templates: ok
                *
                * VMPInfo Resource Pre-check complete
                * * * * * *
                
                ---> VMPInfo System Information Utility: Version 2.2-3
                
                Starting vmpinfo scan of OracleVM: Oracle VM server release 2.2.2 (Xen_Dom0)
                Running as root with 50 ms of delay between tests
                Run vmpinfo.sh -m to review built-in documentation and manual pages
                
                Data will be saved in: /tmp/vmpinfo/OracleVM-2012-03-21-104005-vmpinfo
                
                ==> Scope: OS - <OracleVM.os>
                    * Machine role - <OracleVM.os.role>
                        - Host and Product Info-------------- 0.159s ok:2
                        - vmpinfo---------------------------- 0.555s ok:8
                        - Running User----------------------- 0.493s ok:5
                    * Hardware, CPU and PCI information - <OracleVM.os.hw>
                        - dmidecode-------------------------- 0.243s ok:3
                        - cpu info--------------------------- 0.303s ok:4
                        - lspci data------------------------- 0.462s ok:5
                        - usb-------------------------------- 0.531s <none>
                        - hal and ipmi----------------------- 0.426s ok:3
                    * OS info - <OracleVM.os.conf>
                        - Boot------------------------------- 0.340s ok:3
                        - Installed Packages----------------- 1.976s ok:2
                        - OS Version and Vendor-------------- 0.442s ok:4
                        - i18n------------------------------- 0.110s ok:1
                        - Configuration---------------------- 0.485s ok:7
                        - OS Services------------------------ 0.618s ok:5
                        - /etc files------------------------- 1.138s ok:13
                    * OS Performance - <OracleVM.os.perf>
                        - System Performance----------------- 4.869s ok:14
                    * OS Time - <OracleVM.os.time>
                        - system time------------------------ 1.239s ok:4
                        - cron------------------------------- 0.576s ok:5
                    * Kernel - <OracleVM.os.kernel>
                        - Configuration---------------------- 0.478s ok:6
                        - Performance------------------------ 0.187s ok:2
                        - Kernel FS Data--------------------- 0.173s ok:1
                    * Memory - <OracleVM.os.mem>
                        - Configuration---------------------- 0.485s ok:7
                        - Performance------------------------ 0.715s ok:9
                        - numa support----------------------- 0.112s <none>
                    * Integrity check - <OracleVM.os.security>
                        - Basic OS security------------------ 0.456s ok:6
                        - Selinux---------------------------- 0.392s ok:2
                        - Access control--------------------- 0.644s ok:7
                    * Authentication - <OracleVM.os.auth>
                        - nsswitch and pam settings---------- 0.665s ok:7
                        - SSH-------------------------------- 0.171s ok:2
                        - NSCD------------------------------- 0.162s <none>
                        - Samba------------------------------ 0.277s <none>
                        - NIS-------------------------------- 0.343s ok:2
                        - LDAP------------------------------- 0.402s ok:2
                    * OS Update - <OracleVM.os.update>
                        - Yum Configuration------------------ 0.305s ok:3
                        - Up2date Configuration-------------- 0.138s ok:1
                        - Package Tool Configuration--------- 1.055s ok:1
                    * OS Logs - <OracleVM.os.logs>
                        - Log configuration------------------ 0.248s ok:3
                        - Evaluating system logs------------- 1.058s ok:10
                
                ==> Scope: Network - <OracleVM.net>
                    * Devices - <OracleVM.net.dev>
                        - Configuration---------------------- 2.362s ok:30
                    * Settings - <OracleVM.net.conf>
                        - hostname--------------------------- 0.431s ok:6
                        - gateway---------------------------- 0.399s ok:5
                        - dns-------------------------------- 1.119s ok:8 w:1
                        - ntp-------------------------------- 1.793s ok:11 w:5
                    * Performance - <OracleVM.net.perf>
                        - netstat info----------------------- 0.323s ok:2 w:1
                        - Network connectivity info---------- 2.272s ok:3
                    * Security - <OracleVM.net.security>
                        - Firewall Settings------------------ 0.558s ok:7
                        - Netfilter-------------------------- 0.145s ok:2
                        - Basic Network Security------------- 0.569s ok:6
                
                ==> Scope: Storage - <OracleVM.storage>
                    * Storage Devices - <OracleVM.storage.dev>
                        - System Volumes--------------------- 0.544s ok:6
                        - iscsi initiator-------------------- 0.923s ok:10
                        - iscsi target----------------------- 0.123s <none>
                        - LVM Info--------------------------- 0.798s ok:5
                    * Devicemapper - <OracleVM.storage.devmapper>
                        - Block Device and Device Mapper----- 0.871s ok:7
                        - dm multipath info------------------ 0.530s ok:4 w:2
                    * Filesystems - <OracleVM.storage.fs>
                        - Configuration---------------------- 0.253s ok:3
                        - NFS-------------------------------- 0.458s ok:4
                    * Oracle Ocfs2 - <OracleVM.storage.ocfs2>
                        - O2CB and OCFS2 Service status------ 0.947s ok:12
                        - OCFS2 Configuration---------------- 0.371s ok:4
                        - OCFS2 Network---------------------- 0.131s ok:1
                        - node connectivity:1---------------- 0.192s ok:2
                        - Block Devices---------------------- 0.597s ok:3
                        - Cluster nodes---------------------- 1.009s ok:3
                        - Log analysis----------------------- 0.216s ok:1 e:1
                    * Oracle Asmlib - <OracleVM.storage.asmlib>
                        - Service status--------------------- 0.289s <none>
                        - Configuration---------------------- 0.153s <none>
                        - Luns and Volumes------------------- 0.167s <none>
                
                ==> Scope: Virtualization - <OracleVM.virt>
                    * Xen Dom0 info - <OracleVM.virt.dom0>
                        - xm--------------------------------- 1.377s ok:8
                        - Configuration---------------------- 0.402s ok:5
                        - Service Status--------------------- 0.459s ok:1 w:1
                    * Collecting Oracle VM Server Information - <OracleVM.virt.ovmserver>
                        - Configuration on this node--------- 1.372s ok:9
                        - Performance------------------------ 1.216s ok:4
                        - Cluster filesystem and repo info--- 0.860s ok:7 w:1
                        - Agent status (via API)------------- 1.747s ok:4
                        - Cluster Status--------------------- 9.509s ok:16
                        - OVS cluster info (via API)--------- 2.438s ok:9
                        - Get node and global cluster info--- 0.123s ok:1
                        - OVS Connectivity------------------- 1.227s ok:2
                        - Snapshot of local OVS data--------- 1.160s ok:9
                        - Snapshot of global OVS root data--- 2.271s ok:16
                        - OVS Agent Password Checks---------- 0.159s ok:2
                    * VM Server Logs - <OracleVM.virt.logs>
                        - ovs_autorun------------------------ 0.093s ok:1
                        - ovs_operation---------------------- 0.287s e:2
                        - ovs_root
                
                -------- Critical Subsystem Healthcheck -----------
                
                1: Hostname rev lookup on 192.168.14.3 - net.conf.dns.hostname_rev_ns0
                
                2: ntpstat - net.conf.ntp.ntpstat
                The ntp daemon is not synchronized... please check /etc/ntp.conf for reachable servers
                
                2 errors were found. Please run a full vmpinfo scan to generate a detailed report
                that will contain additional information. Run ./vmpinfo -m for instructions.
                
                ---------------------------------------------------
                Scrubbing user passwords from ovs-agent data... please wait:... Done!
                
                FAE ops: 412 ---> 398 ok  11 warnings  3 errors
                Elapsed time: 67 seconds
                
                Archive of all data is here: /tmp/vmpinfo/OracleVM-2012-03-21-104005-vmpinfo.tar.gz
                on domU vmpinfo looks like this:
                # vmpinfo
                * * * * * *
                * VMPInfo Host Resource Pre-check
                *
                * Using /etc/vmpinfo.conf
                * MD5 ok: fd98e021f389c27ef68017f798a8cef1
                * Init global variables: ok
                * Checking selected options: ok
                * Machine and OS type:  Xen_PVDomu:Enterprise Linux Enterprise Linux Server release 5.7 (Carthage)
                * Check available disk space, memory and cpu resources:
                *  /  7556 MB ok
                *  /tmp/vmpinfo  7556 MB ok
                * Free Memory 1411 MB ok
                * CPU idle is 90%
                * IOWait is 9%
                * Writing help cache: ok
                * Generate Clusterview templates: ok
                * Initialize Report Templates: ok
                *
                * VMPInfo Resource Pre-check complete
                * * * * * *
                
                ---> VMPInfo System Information Utility: Version 2.2-3
                
                Starting vmpinfo scan of rac1: Enterprise Linux Enterprise Linux Server release 5.7 (Carthage) (Xen_PVDomu)
                Running as root with 50 ms of delay between tests
                Run vmpinfo.sh -m to review built-in documentation and manual pages
                
                Data will be saved in: /tmp/vmpinfo/rac1-2012-03-21-044904-vmpinfo
                
                ==> Scope: OS - <rac1.os>
                    * Machine role - <rac1.os.role>
                        - Host and Product Info-------------- 0.141s ok:2
                        - vmpinfo---------------------------- 0.531s ok:8
                        - Running User----------------------- 0.465s ok:5
                    * Hardware, CPU and PCI information - <rac1.os.hw>
                        - dmidecode-------------------------- 0.092s <none>
                        - cpu info--------------------------- 0.246s ok:3
                        - lspci data------------------------- 0.358s ok:5
                        - usb-------------------------------- 0.393s <none>
                        - hal and ipmi----------------------- 0.362s ok:3
                    * OS info - <rac1.os.conf>
                        - Boot------------------------------- 0.309s ok:3
                        - Installed Packages----------------- 2.765s ok:2
                        - OS Version and Vendor-------------- 0.335s ok:4
                        - i18n------------------------------- 0.079s ok:1
                        - Configuration---------------------- 0.485s ok:7
                        - OS Services------------------------ 1.022s ok:5
                        - /etc files------------------------- 1.421s ok:14
                    * OS Performance - <rac1.os.perf>
                        - System Performance----------------- 4.691s ok:14
                    * OS Time - <rac1.os.time>
                        - system time------------------------ 2.030s ok:3
                        - cron------------------------------- 0.553s ok:5
                    * Kernel - <rac1.os.kernel>
                        - Configuration---------------------- 0.477s ok:6
                        - Performance------------------------ 0.196s ok:2
                        - Kernel FS Data--------------------- 0.133s ok:1
                    * Memory - <rac1.os.mem>
                        - Configuration---------------------- 0.470s ok:7
                        - Performance------------------------ 0.662s ok:9
                        - numa support----------------------- 0.214s ok:1
                    * Integrity check - <rac1.os.security>
                        - Basic OS security------------------ 0.403s ok:6
                        - Selinux---------------------------- 0.163s ok:1
                        - Access control--------------------- 0.604s ok:7
                    * Authentication - <rac1.os.auth>
                        - nsswitch and pam settings---------- 1.072s ok:7
                        - SSH-------------------------------- 0.158s ok:2
                        - NSCD------------------------------- 0.182s <none>
                        - Samba------------------------------ 0.974s ok:5
                        - NIS-------------------------------- 0.348s ok:2
                        - LDAP------------------------------- 0.469s ok:2
                    * OS Development - <rac1.os.devel>
                        - java------------------------------- 0.315s ok:3
                        - gcc-------------------------------- 0.163s ok:1
                        - libraries-------------------------- 0.131s ok:1
                    * OS Update - <rac1.os.update>
                        - Yum Configuration------------------ 0.243s ok:2
                        - Up2date Configuration-------------- 0.139s ok:1
                        - Package Tool Configuration--------- 2.575s ok:1
                    * OS Logs - <rac1.os.logs>
                        - Log configuration------------------ 0.238s ok:3
                        - Evaluating system logs------------- 1.021s ok:11
                
                ==> Scope: Network - <rac1.net>
                    * Devices - <rac1.net.dev>
                        - Configuration---------------------- 1.479s ok:13 w:1
                    * Settings - <rac1.net.conf>
                        - hostname--------------------------- 0.456s ok:6
                        - gateway---------------------------- 0.398s ok:5
                        - dns------------------------------- 22.729s ok:1 w:1 e:1
                        - ntp------------------------------- 76.635s ok:12 w:3
                    * Performance - <rac1.net.perf>
                        - netstat info----------------------- 0.255s ok:3
                        - Network connectivity info---------- 7.306s ok:1 w:1 e:1
                    * Security - <rac1.net.security>
                        - Firewall Settings------------------ 0.639s ok:5 w:2
                        - Netfilter-------------------------- 0.017s <none>
                        - Basic Network Security------------- 0.636s ok:6
                
                ==> Scope: Storage - <rac1.storage>
                    * Storage Devices - <rac1.storage.dev>
                        - System Volumes--------------------- 0.555s ok:6
                        - iscsi initiator-------------------- 0.979s ok:8
                        - iscsi target----------------------- 0.095s <none>
                        - LVM Info--------------------------- 0.564s ok:5
                    * Devicemapper - <rac1.storage.devmapper>
                        - Block Device and Device Mapper----- 0.655s ok:7
                        - dm multipath info------------------ 0.546s ok:2 w:3
                    * Filesystems - <rac1.storage.fs>
                        - Configuration---------------------- 0.291s ok:3
                        - NFS-------------------------------- 0.377s ok:4
                    * Oracle Ocfs2 - <rac1.storage.ocfs2>
                        - O2CB and OCFS2 Service status------ 1.057s ok:10 w:2
                        - OCFS2 Configuration---------------- 0.273s ok:1 w:1
                        - OCFS2 Network---------------------- 0.148s <none>
                        - Block Devices---------------------- 0.267s <none>
                        - Cluster nodes---------------------- 0.450s ok:2
                        - Log analysis----------------------- 0.105s <none>
                    * Oracle Asmlib - <rac1.storage.asmlib>
                        - Service status--------------------- 0.908s ok:7 w:1
                        - Configuration---------------------- 0.289s ok:4
                        - Luns and Volumes
                
                -------- Critical Subsystem Healthcheck -----------
                
                1: Ping nameserver 192.168.14.1 - net.conf.dns.pingns0
                nameserver 192.168.14.1 does not ping
                2: Nameserver redundancy - net.conf.dns.ns_redundancy
                Insufficient pingable nameservers found: 0
                3: DNS lookup hostname - net.conf.dns.hostname_ip
                The machine rac1 does not resolve in dns
                4: Ping ntp server 0.rhel.pool.ntp.org - net.conf.ntp.ping_ntp0
                Ntp server 0.rhel.pool.ntp.org does not ping
                5: Ping ntp server 0.rhel.pool.ntp.org Timeout - net.conf.ntp.ping_ntp0_timeout
                Command Timeout: Operation took 25 seconds with timeout value of 20
                6: Ping ntp server 1.rhel.pool.ntp.org - net.conf.ntp.ping_ntp1
                Ntp server 1.rhel.pool.ntp.org does not ping
                7: Ping ntp server 1.rhel.pool.ntp.org Timeout - net.conf.ntp.ping_ntp1_timeout
                Command Timeout: Operation took 25 seconds with timeout value of 20
                8: Ping ntp server 2.rhel.pool.ntp.org - net.conf.ntp.ping_ntp2
                Ntp server 2.rhel.pool.ntp.org does not ping
                9: Ping ntp server 2.rhel.pool.ntp.org Timeout - net.conf.ntp.ping_ntp2_timeout
                Command Timeout: Operation took 25 seconds with timeout value of 20
                10: ntp server redundancy - net.conf.ntp.ntp_redundancy
                Insufficient pingable ntp servers found: 0
                11: ARPing default gateway - net.perf.connectivity.arpinggw
                Default gateway 192.168.14.1 is not reachable at layer 2 via eth0.
                May be normal for your network but please check
                12: Ping default gateway - net.perf.connectivity.pinggw
                Default gateway 192.168.14.1 doesn't ping.
                May be normal for your network but please check
                
                12 errors were found. Please run a full vmpinfo scan to generate a detailed report
                that will contain additional information. Run ./vmpinfo -m for instructions.
                
                ---------------------------------------------------
                
                FAE ops: 293 ---> 276 ok  15 warnings  2 errors
                Elapsed time: 147 seconds
                
                Archive of all data is here: /tmp/vmpinfo/rac1-2012-03-21-044904-vmpinfo.tar.gz
                I started with the dom0. I switched in /etc/resolv.conf the nameservers as the first one used 192.168.14.3 is actually a WINS server mainly, and backup dns only. the 192.168.14.1 is the actual DNS server with forward and reverse lookup.
                tested dig -x 192.168.14.7 and returned correct info
                The report still says .3 doesn't do reverse lookup but that shouldn't be a problem anymore.

                I also started ntpd and multipathd and the number of warnings shrunk to 6 and errors still at 3.
                ntp complains with
                ntp drift  OracleVM-Ro.net.conf.ntp.ntpdrift   | CluKey |   Next: Top.S.s.g.Op  T:0.004  C:/k/W   Result:1 
                
                cat: /var/lib/ntp/drift: No such file or directory
                there is also:
                Interface Errors  OracleVM-Ro.net.perf.netstat.iface_errors   | CluKey |   Next: Top.S.s.g.Op  T:0.003  C:/k/W   Result:1 
                
                iface:vif1.0  RX-ERR:0  RX-DRP:0  RX-OVR:0  TX-ERR:0  TX-DRP:37  TX-OVR:0
                iface:vif1.1  RX-ERR:0  RX-DRP:0  RX-OVR:0  TX-ERR:0  TX-DRP:16  TX-OVR:0
                iface:vif2.0  RX-ERR:0  RX-DRP:0  RX-OVR:0  TX-ERR:0  TX-DRP:39  TX-OVR:0
                iface:vif2.1  RX-ERR:0  RX-DRP:0  RX-OVR:0  TX-ERR:0  TX-DRP:17  TX-OVR:0
                that might answer my problem, however looking at iptables I have no clue why packets are being dropped
                # iptables -L -n -t nat
                Chain PREROUTING (policy ACCEPT)
                target     prot opt source               destination
                
                Chain POSTROUTING (policy ACCEPT)
                target     prot opt source               destination
                
                Chain OUTPUT (policy ACCEPT)
                target     prot opt source               destination
                # iptables -L -n
                Chain INPUT (policy ACCEPT)
                target     prot opt source               destination
                DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21
                DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
                RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
                
                Chain FORWARD (policy ACCEPT)
                target     prot opt source               destination
                ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED PHYSDEV match --physdev-out vif2.0
                ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           PHYSDEV match --physdev-in vif2.0
                ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED PHYSDEV match --physdev-out vif2.1
                ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           PHYSDEV match --physdev-in vif2.1
                ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED PHYSDEV match --physdev-out vif1.1
                ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           PHYSDEV match --physdev-in vif1.1
                
                Chain OUTPUT (policy ACCEPT)
                target     prot opt source               destination
                
                Chain RH-Firewall-1-INPUT (1 references)
                target     prot opt source               destination
                ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
                ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
                ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
                ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
                ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353
                ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
                ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:631
                ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
                ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21
                ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
                ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53
                ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
                ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
                ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2049
                ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpts:5900:5950
                ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8002
                ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8003
                ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8899
                ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:7777
                REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
                the stuff in the forward chain is new to me. I'm probably not seeing something obvious given that all my firewalls are NATed and this one is (should be) bridged.

                there is also the following which makes no sense to me, as RAC and xen ares new stuff for me
                Check nested ocfs2  OracleVM-Ro.virt.ovmserver.repos.nested_ocfs2_0   | CluKey |   Next: Top.S.s.g.Op  T:0.009  C:/k/W   Result:1 
                
                Ocfs2 shared disks on top of ocfs2 repositories is not recommended
                Please verify that these guest volumes are not configured that way:
                
                /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/70_rac1-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm1.img,xvdc,w!',
                /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/70_rac1-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm2.img,xvdd,w!',
                /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/70_rac1-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm3.img,xvde,w!',
                /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/70_rac1-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm4.img,xvdf,w!',
                /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/70_rac1-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm5.img,xvdg,w!',
                /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/73_rac2-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm1.img,xvdc,w!',
                /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/73_rac2-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm2.img,xvdd,w!',
                /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/73_rac2-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm3.img,xvde,w!',
                /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/73_rac2-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm4.img,xvdf,w!',
                /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/73_rac2-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm5.img,xvdg,w!',
                
                Link to vm.cfg files on all repos (size: 2.1K)
                
                Link to /var/log/ovs-agent
                
                Link to /var/log/xen
                API Errors  OracleVM-Ro.virt.logs.ovs_errwarn.api_errors   |   Next: Top.S.s.g.Op  T:0.007  C:/E   Result:1 
                
                grep: /var/log/ovs-agent/ovs_root.log.nopw: No such file or directory
                
                Link to ovs_root.log.nopw
                
                API Warnings  OracleVM-Ro.virt.logs.ovs_errwarn.api_warnings   |   Next: Top.S.s.g.Op  T:0.007  C:/E   Result:1 
                
                grep: /var/log/ovs-agent/ovs_root.log.nopw: No such file or directory
                
                Link to ovs_root.log.nopw
                
                API Exceptions  OracleVM-Ro.virt.logs.ovs_errwarn.api_exceptions   |   Next: Top.S.s.g.Op  T:0.007  C:/E   Result:1 
                
                grep: /var/log/ovs-agent/ovs_root.log.nopw: No such file or directory
                
                Link to ovs_root.log.nopw
                
                Link to vm.cfg files on all repos (size: 2.1K)
                
                Link to /var/log/ovs-agent
                
                Link to /var/log/xen
                the key might be the dropped packets on the vifs. I'm gonna try and debug that from iptables. Not sure if I'll get the chance today or tomorrow.

                Any other ideas I might try?
                • 5. Re: No internet/LAN access from/to outside and domU
                  922042
                  small side note: I fixed the dns thing on dom0

                  iptables logging did nothing so I went back to tcpdump. this time on all interfaces with following results:
                  # tcpdump -D
                  1.eth0
                  2.xenbr0
                  3.eth1
                  4.xenbr1
                  5.vif1.0
                  6.vif1.1
                  7.eth2
                  8.xenbr2
                  9.vif2.0
                  10.vif2.1
                  11.any (Pseudo-device that captures on all interfaces)
                  12.lo
                  # tcpdump -nnvXSs 0 icmp -i 11
                  tcpdump: WARNING: Promiscuous mode not supported on the "any" device
                  tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
                  dom1 was constantly pinging the gateway (192.168.14.1) and nothing was showing up. The minuted I started pinging dom2 from dom1, the tcpdump started showing packets

                  that got me thinking. obviously the packets stop before tcpdump gets to see them. So I've done some various searches on the subject, and finally gotten to this post: http://serverfault.com/questions/366659/xen-bridge-over-virtualbox-bridge
                  promiscuous mode. That rang a bell.
                  I enabled promiscuous mode on the network card and voila: the network now works. domU can ping the gateway, the local lan and the entire internet.

                  Thank you so much for your assistance. greatly appreciated.
                  • 6. Re: No internet/LAN access from/to outside and domU
                    821215
                    That's fantastic news! Well done.

                    Incidentally there's one version of OracleVM I used where tcpdump would keep crashing (I can't remember exactly which though) so it's lucky you're on 2.2.2.
                    • 7. Re: No internet/LAN access from/to outside and domU
                      470515
                      Thank you thank you thank you! After three weeks of googling, glad to come across this thread!

                      Finally I am able to access the virtual machine(s) console using SSH from host now.

                      regards,

                      raj
                      • 8. Re: No internet/LAN access from/to outside and domU
                        User329244
                        Great Great Great

                        It worked finally , Happy new Year
                        • 9. Re: No internet/LAN access from/to outside and domU
                          661705

                          This posting was really helpful to me...thank you all.  I changed my network adapter to PCnet-FAST III and was able to get to the guest machine from the network. 

                           

                          However, I am not able to ping out or get out from the guest machine.  Did you guys sort that out?  Any thoughts?