This discussion is archived
9 Replies Latest reply: Oct 1, 2013 8:32 PM by 661705 RSS

No internet/LAN access from/to outside and domU

922042 Newbie
Currently Being Moderated
I've installed oracle VM 2.2.2 and proceeded to setup a RAC system using the 11gR2 templates.
Right after network configuration I wanted to login directly using putty rather than the oracle VMM console and failed. This is when I started digging and experimenting.
Right now I have 2 virtual machines in the VMS which can ping each other and can ping the server (dom0). also, the server can ping the outside wold and the domU. But domU cannot ping outside world.

In a more graphical explanation, this looks like this:

LAN <-> dom0 (ping ok either way)
dom0 <-> domU (ping ok either way)
LAN --- domU (ping not working at all)

VM is configured with bridged networking.

I noticed others also have this problem but there is no solution yet as I could find.

I changed default xen config from
#(network-script network-bridge)
(network-script network-bridges)
to
(network-script network-bridge)
#(network-script network-bridges)

in order to also get the IP on eth0

but this didn't have any other effects as far as I can see.

intended configuration (in case something is wrong there and I'm not seeing it)

LAN:
GW: 192.168.14.1
NM: 255.255.255.0

dom0:
IP: 192.168.14.200
NM: 255.255.255.0
GW: 192.168.14.1 (so that it will go out into the internet, through the LAN default gateway)

domU:
public
IP: 192.168.14.211 (212,213,..)
NM: 255.255.255.0
GW: 192.168.14.200 (I also tried 192.168.14.1 without any luck)
private:
IP: 192.168.114.211 (212,213,..)
NM: 255.255.255.0
GW: 192.168.114.211

dom1 ping dom2 works on both public and private IPs.
dom0 ping dom1,2 works on public ip 192.168.14.x
dom0 ping GW 192.168.14.1 works fine
dom1 ping GW 192.168.14.1 fails with
From 192.168.14.211 icmp_seq=1 Destination Host Unreachable

(I would expect this reply to be coming from 192.168.14.200 which is the default GW for this subnet on domU, but maybe my networking expectations are wrong?)
dom0
# brctl show
bridge name     bridge id               STP enabled     interfaces
xenbr0          8000.000c29adc2ec       no              vif2.0
                                                        vif1.0
                                                        eth0
xenbr1          8000.000c29adc2f6       no              vif2.1
                                                        vif1.1
                                                        eth1
xenbr2          8000.000c29adc200       no              eth2
dom0
# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:EC
          inet addr:192.168.14.200  Bcast:192.168.14.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fead:c2ec/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:126127 errors:0 dropped:0 overruns:0 frame:0
          TX packets:142498 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:10134769 (9.6 MiB)  TX bytes:28014848 (26.7 MiB)
          Interrupt:17 Base address:0x2000

eth1      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:F6
          inet6 addr: fe80::20c:29ff:fead:c2f6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:53169 errors:0 dropped:0 overruns:0 frame:0
          TX packets:155 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4838223 (4.6 MiB)  TX bytes:29383 (28.6 KiB)
          Interrupt:18 Base address:0x2080

eth2      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:00
          inet6 addr: fe80::20c:29ff:fead:c200/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:53192 errors:0 dropped:0 overruns:0 frame:0
          TX packets:103 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4843373 (4.6 MiB)  TX bytes:26844 (26.2 KiB)
          Interrupt:19 Base address:0x2400

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:38563 errors:0 dropped:0 overruns:0 frame:0
          TX packets:38563 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:7482112 (7.1 MiB)  TX bytes:7482112 (7.1 MiB)

vif1.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2364 errors:0 dropped:0 overruns:0 frame:0
          TX packets:50167 errors:0 dropped:175 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:79311 (77.4 KiB)  TX bytes:4601272 (4.3 MiB)

vif1.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:26 errors:0 dropped:0 overruns:0 frame:0
          TX packets:51483 errors:0 dropped:154 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:1160 (1.1 KiB)  TX bytes:4689578 (4.4 MiB)

vif2.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4222 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48378 errors:0 dropped:206 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:162754 (158.9 KiB)  TX bytes:4502583 (4.2 MiB)

vif2.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:30 errors:0 dropped:0 overruns:0 frame:0
          TX packets:50244 errors:0 dropped:186 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:1272 (1.2 KiB)  TX bytes:4577492 (4.3 MiB)

xenbr0    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:EC
          inet addr:192.168.14.200  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fead:c2ec/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:132361 errors:0 dropped:0 overruns:0 frame:0
          TX packets:137740 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:8584655 (8.1 MiB)  TX bytes:27843674 (26.5 MiB)

xenbr1    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:F6
          inet6 addr: fe80::20c:29ff:fead:c2f6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:52855 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:4071294 (3.8 MiB)  TX bytes:4386 (4.2 KiB)

xenbr2    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:00
          inet6 addr: fe80::20c:29ff:fead:c200/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:52721 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:4066860 (3.8 MiB)  TX bytes:4386 (4.2 KiB)
domU
# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:16:3E:06:AC:F9
          inet addr:192.168.14.211  Bcast:192.168.14.255  Mask:255.255.255.0
          inet6 addr: fe80::216:3eff:fe06:acf9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:43810 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3351 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4107179 (3.9 MiB)  TX bytes:187816 (183.4 KiB)

eth1      Link encap:Ethernet  HWaddr 00:16:3E:2F:2C:5C
          inet addr:192.168.114.211  Bcast:192.168.114.255  Mask:255.255.255.0
          inet6 addr: fe80::216:3eff:fe2f:2c5c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:44784 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4113548 (3.9 MiB)  TX bytes:888 (888.0 b)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1751 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1751 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:182759 (178.4 KiB)  TX bytes:182759 (178.4 KiB)
dom0
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 xenbr0
192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         192.168.14.1    0.0.0.0         UG    0      0        0 eth0
domU
]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.114.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         192.168.14.200  0.0.0.0         UG    0      0        0 eth0
domU
On dom0, I also tried logging in iptables, adding log target as first rule in NAT, RAW and INPUT tables, on icmp packets, no other filtering, but the pings to 192.168.14.1 don't show up at all, only to 192.168.14.200
iptraf, tcpdump don't show anything coming from 192.168.14.211 while pinging any address (.1 or .200 which is a bit weird for me since I would expect at least the .200 to show up). tcp connections show up, it's just the icmp ones that don't

I'm out of ideas on what to try so any suggestion is welcome.

Thank you.
  • 1. Re: No internet/LAN access from/to outside and domU
    821215 Newbie
    Currently Being Moderated
    Your domU should have the GW set to 192.168.14.1.

    You shouldn't need to do anything to iptables on dom0 unless you've done something non-standard.

    Try:
    1) Changing the xen bridge config back to what it was. The IP address for dom0 should be on xenbr0, not eth0, and you definitely shouldn't see the IP address for dom0 registered on both eth0 and xenbr0. After changing the bridge config reboot the server (dom0)
    2) Change the GW of the domU guests to 192.168.14.1 (i.e. the real gateway on your LAN)

    Edited by: user10786594 on 16/03/2012 15:36
  • 2. Re: No internet/LAN access from/to outside and domU
    922042 Newbie
    Currently Being Moderated
    Thanks for the reply. Unfortunately, that's how the network config looks like after initial installation and it does not work.
    I installed fresh both the VM and the machines. Right after installation finished, I got an error regarding the SCAN name resolution, which is most likely because of this same issue since the DNS is also the gateway and the gateway is nto pingable or otherwise reachable.

    here is how things look like after a fresh installation

    (to note that I had to manually ad the default gateway to dom0 and populate /etc/resolf.conf. my dom0 is configured to use DHCP but appears to not respond properly to it.)

    also, resolution is very slow so I added the VMM and VM to each others hostfile, as adding the serverpool would timeout in VMM because of the dns resolution lag. Which I dont;' know why happens since everything is local. but I don't think this is an issue when pinging the gateway since I use IPs

    That's all the "non-standard" changes I made to the default installation
    # brctl show
    bridge name     bridge id               STP enabled     interfaces
    xenbr0          8000.000c29adc2ec       no              vif2.0
                                                            vif1.0
                                                            eth0
    xenbr1          8000.000c29adc2f6       no              vif2.1
                                                            vif1.1
                                                            eth1
    xenbr2          8000.000c29adc200       no              eth2
    dom0
    # ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:EC
              inet6 addr: fe80::20c:29ff:fead:c2ec/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:5992363 errors:3 dropped:3 overruns:0 frame:0
              TX packets:1384895 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:506002791 (482.5 MiB)  TX bytes:92216241 (87.9 MiB)
              Interrupt:17 Base address:0x2000
    
    eth1      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:F6
              inet6 addr: fe80::20c:29ff:fead:c2f6/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:1176 errors:0 dropped:0 overruns:0 frame:0
              TX packets:84 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:97271 (94.9 KiB)  TX bytes:14991 (14.6 KiB)
              Interrupt:18 Base address:0x2080
    
    eth2      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:00
              inet6 addr: fe80::20c:29ff:fead:c200/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:1169 errors:0 dropped:0 overruns:0 frame:0
              TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:99831 (97.4 KiB)  TX bytes:13993 (13.6 KiB)
              Interrupt:19 Base address:0x2400
    
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:18137 errors:0 dropped:0 overruns:0 frame:0
              TX packets:18137 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:3679328 (3.5 MiB)  TX bytes:3679328 (3.5 MiB)
    
    vif1.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
              inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:252 errors:0 dropped:0 overruns:0 frame:0
              TX packets:312 errors:0 dropped:83 overruns:0 carrier:0
              collisions:0 txqueuelen:32
              RX bytes:7580 (7.4 KiB)  TX bytes:17030 (16.6 KiB)
    
    vif1.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
              inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:19 errors:0 dropped:0 overruns:0 frame:0
              TX packets:543 errors:0 dropped:16 overruns:0 carrier:0
              collisions:0 txqueuelen:32
              RX bytes:944 (944.0 b)  TX bytes:35036 (34.2 KiB)
    
    vif2.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
              inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:250 errors:0 dropped:0 overruns:0 frame:0
              TX packets:310 errors:0 dropped:58 overruns:0 carrier:0
              collisions:0 txqueuelen:32
              RX bytes:7412 (7.2 KiB)  TX bytes:16834 (16.4 KiB)
    
    vif2.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
              inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:21 errors:0 dropped:0 overruns:0 frame:0
              TX packets:542 errors:0 dropped:16 overruns:0 carrier:0
              collisions:0 txqueuelen:32
              RX bytes:1028 (1.0 KiB)  TX bytes:34966 (34.1 KiB)
    
    xenbr0    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:EC
              inet addr:192.168.14.200  Bcast:0.0.0.0  Mask:255.255.255.0
              inet6 addr: fe80::20c:29ff:fead:c2ec/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:5992663 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1384374 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:422109086 (402.5 MiB)  TX bytes:92191064 (87.9 MiB)
    
    xenbr1    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:F6
              inet6 addr: fe80::20c:29ff:fead:c2f6/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:916 errors:0 dropped:0 overruns:0 frame:0
              TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:62837 (61.3 KiB)  TX bytes:4570 (4.4 KiB)
    
    xenbr2    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:00
              inet6 addr: fe80::20c:29ff:fead:c200/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:789 errors:0 dropped:0 overruns:0 frame:0
              TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:56527 (55.2 KiB)  TX bytes:4570 (4.4 KiB)
    dom0
    # route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 xenbr0
    0.0.0.0         192.168.14.1    0.0.0.0         UG    0      0        0 xenbr0
    domU
    # ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:16:3E:71:5D:F4
              inet addr:192.168.14.211  Bcast:192.168.14.255  Mask:255.255.255.0
              inet6 addr: fe80::216:3eff:fe71:5df4/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:372 errors:0 dropped:0 overruns:0 frame:0
              TX packets:340 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:20501 (20.0 KiB)  TX bytes:17948 (17.5 KiB)
    
    eth1      Link encap:Ethernet  HWaddr 00:16:3E:01:81:9B
              inet addr:192.168.114.211  Bcast:192.168.114.255  Mask:255.255.255.0
              inet6 addr: fe80::216:3eff:fe01:819b/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:624 errors:0 dropped:0 overruns:0 frame:0
              TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:38513 (37.6 KiB)  TX bytes:958 (958.0 b)
    
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:122 errors:0 dropped:0 overruns:0 frame:0
              TX packets:122 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:11903 (11.6 KiB)  TX bytes:11903 (11.6 KiB)
    domU
    # route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.114.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
    192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
    0.0.0.0         192.168.14.1    0.0.0.0         UG    0      0        0 eth0
    dom0
    # ping 192.168.14.1
    PING 192.168.14.1 (192.168.14.1) 56(84) bytes of data.
    64 bytes from 192.168.14.1: icmp_seq=1 ttl=64 time=0.205 ms
    
    --- 192.168.14.1 ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 0.205/0.205/0.205/0.000 ms
    domU
    # ping 192.168.14.200
    PING 192.168.14.200 (192.168.14.200) 56(84) bytes of data.
    64 bytes from 192.168.14.200: icmp_seq=1 ttl=64 time=0.080 ms
    
    --- 192.168.14.200 ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 0.080/0.080/0.080/0.000 ms
    
    # ping 192.168.14.1
    PING 192.168.14.1 (192.168.14.1) 56(84) bytes of data.
    From 192.168.14.211 icmp_seq=1 Destination Host Unreachable
    From 192.168.14.211 icmp_seq=2 Destination Host Unreachable
    From 192.168.14.211 icmp_seq=3 Destination Host Unreachable
    
    --- 192.168.14.1 ping statistics ---
    4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3006ms
    , pipe 3
    I strongly feel the problem lies on dom0 and all the bridging going on there.
  • 3. Re: No internet/LAN access from/to outside and domU
    821215 Newbie
    Currently Being Moderated
    The output you've provided all look sensible.

    I have had issues with Oracle VM 2.2.1 before where packets would try to go out VIF and hit the bridge, but not make it any further. You could be seeing something similar which could explain why you can ping dom0 but nothing further.

    Can you do a tcpdump on:
    - eth0 inside domU
    - vif on dom0 that corresponds to domU (e.g. vif1.0)
    - xenbr0 on dom0
    - eth0 on dom0

    Then see how far your ping gets. When I had issues, the packets would make it as far as the xenbr interface, but never get passed on to the underlying interface (eth0). I opened an SR with Oracle Support and unfortunately they were unable to find anything conclusive, however upgrading from 2.2.1 to 2.2.2 solved the issue for me.

    Can you also download "vmpinfo" from the MoS site, run it, and have a look at the summary HTML file for any issues it detects in your configuration.
  • 4. Re: No internet/LAN access from/to outside and domU
    922042 Newbie
    Currently Being Moderated
    any idea: isn't there a codebox like tag I can use that is like code but has scrollbars?

    tcpdump on vif1.0 for dom1 while pinging 192.168.14.1 shows only arp who-has packets
    tcpdump on xenbr0 and eth0 show the exact same packets

    I'm not sure what you want me to look/test for with tcpdump on domU ...

    btw, I'm using OVM 2.2.2 already ...


    vmpinfo on dom0 shows:
    # vmpinfo
    * * * * * *
    * VMPInfo Host Resource Pre-check
    *
    * Using /etc/vmpinfo.conf
    * MD5 ok: fd98e021f389c27ef68017f798a8cef1
    * Init global variables: ok
    * Checking selected options: ok
    * Machine and OS type:  Xen_Dom0:Oracle VM server release 2.2.2
    * Check available disk space, memory and cpu resources:
    *  /  1906 MB ok
    *  /tmp/vmpinfo  1906 MB ok
    * Free Memory 317 MB ok
    * CPU idle is 97%
    * IOWait is 2%
    * Writing help cache: ok
    * Generate Clusterview templates: ok
    * Initialize Report Templates: ok
    *
    * VMPInfo Resource Pre-check complete
    * * * * * *
    
    ---> VMPInfo System Information Utility: Version 2.2-3
    
    Starting vmpinfo scan of OracleVM: Oracle VM server release 2.2.2 (Xen_Dom0)
    Running as root with 50 ms of delay between tests
    Run vmpinfo.sh -m to review built-in documentation and manual pages
    
    Data will be saved in: /tmp/vmpinfo/OracleVM-2012-03-21-104005-vmpinfo
    
    ==> Scope: OS - <OracleVM.os>
        * Machine role - <OracleVM.os.role>
            - Host and Product Info-------------- 0.159s ok:2
            - vmpinfo---------------------------- 0.555s ok:8
            - Running User----------------------- 0.493s ok:5
        * Hardware, CPU and PCI information - <OracleVM.os.hw>
            - dmidecode-------------------------- 0.243s ok:3
            - cpu info--------------------------- 0.303s ok:4
            - lspci data------------------------- 0.462s ok:5
            - usb-------------------------------- 0.531s <none>
            - hal and ipmi----------------------- 0.426s ok:3
        * OS info - <OracleVM.os.conf>
            - Boot------------------------------- 0.340s ok:3
            - Installed Packages----------------- 1.976s ok:2
            - OS Version and Vendor-------------- 0.442s ok:4
            - i18n------------------------------- 0.110s ok:1
            - Configuration---------------------- 0.485s ok:7
            - OS Services------------------------ 0.618s ok:5
            - /etc files------------------------- 1.138s ok:13
        * OS Performance - <OracleVM.os.perf>
            - System Performance----------------- 4.869s ok:14
        * OS Time - <OracleVM.os.time>
            - system time------------------------ 1.239s ok:4
            - cron------------------------------- 0.576s ok:5
        * Kernel - <OracleVM.os.kernel>
            - Configuration---------------------- 0.478s ok:6
            - Performance------------------------ 0.187s ok:2
            - Kernel FS Data--------------------- 0.173s ok:1
        * Memory - <OracleVM.os.mem>
            - Configuration---------------------- 0.485s ok:7
            - Performance------------------------ 0.715s ok:9
            - numa support----------------------- 0.112s <none>
        * Integrity check - <OracleVM.os.security>
            - Basic OS security------------------ 0.456s ok:6
            - Selinux---------------------------- 0.392s ok:2
            - Access control--------------------- 0.644s ok:7
        * Authentication - <OracleVM.os.auth>
            - nsswitch and pam settings---------- 0.665s ok:7
            - SSH-------------------------------- 0.171s ok:2
            - NSCD------------------------------- 0.162s <none>
            - Samba------------------------------ 0.277s <none>
            - NIS-------------------------------- 0.343s ok:2
            - LDAP------------------------------- 0.402s ok:2
        * OS Update - <OracleVM.os.update>
            - Yum Configuration------------------ 0.305s ok:3
            - Up2date Configuration-------------- 0.138s ok:1
            - Package Tool Configuration--------- 1.055s ok:1
        * OS Logs - <OracleVM.os.logs>
            - Log configuration------------------ 0.248s ok:3
            - Evaluating system logs------------- 1.058s ok:10
    
    ==> Scope: Network - <OracleVM.net>
        * Devices - <OracleVM.net.dev>
            - Configuration---------------------- 2.362s ok:30
        * Settings - <OracleVM.net.conf>
            - hostname--------------------------- 0.431s ok:6
            - gateway---------------------------- 0.399s ok:5
            - dns-------------------------------- 1.119s ok:8 w:1
            - ntp-------------------------------- 1.793s ok:11 w:5
        * Performance - <OracleVM.net.perf>
            - netstat info----------------------- 0.323s ok:2 w:1
            - Network connectivity info---------- 2.272s ok:3
        * Security - <OracleVM.net.security>
            - Firewall Settings------------------ 0.558s ok:7
            - Netfilter-------------------------- 0.145s ok:2
            - Basic Network Security------------- 0.569s ok:6
    
    ==> Scope: Storage - <OracleVM.storage>
        * Storage Devices - <OracleVM.storage.dev>
            - System Volumes--------------------- 0.544s ok:6
            - iscsi initiator-------------------- 0.923s ok:10
            - iscsi target----------------------- 0.123s <none>
            - LVM Info--------------------------- 0.798s ok:5
        * Devicemapper - <OracleVM.storage.devmapper>
            - Block Device and Device Mapper----- 0.871s ok:7
            - dm multipath info------------------ 0.530s ok:4 w:2
        * Filesystems - <OracleVM.storage.fs>
            - Configuration---------------------- 0.253s ok:3
            - NFS-------------------------------- 0.458s ok:4
        * Oracle Ocfs2 - <OracleVM.storage.ocfs2>
            - O2CB and OCFS2 Service status------ 0.947s ok:12
            - OCFS2 Configuration---------------- 0.371s ok:4
            - OCFS2 Network---------------------- 0.131s ok:1
            - node connectivity:1---------------- 0.192s ok:2
            - Block Devices---------------------- 0.597s ok:3
            - Cluster nodes---------------------- 1.009s ok:3
            - Log analysis----------------------- 0.216s ok:1 e:1
        * Oracle Asmlib - <OracleVM.storage.asmlib>
            - Service status--------------------- 0.289s <none>
            - Configuration---------------------- 0.153s <none>
            - Luns and Volumes------------------- 0.167s <none>
    
    ==> Scope: Virtualization - <OracleVM.virt>
        * Xen Dom0 info - <OracleVM.virt.dom0>
            - xm--------------------------------- 1.377s ok:8
            - Configuration---------------------- 0.402s ok:5
            - Service Status--------------------- 0.459s ok:1 w:1
        * Collecting Oracle VM Server Information - <OracleVM.virt.ovmserver>
            - Configuration on this node--------- 1.372s ok:9
            - Performance------------------------ 1.216s ok:4
            - Cluster filesystem and repo info--- 0.860s ok:7 w:1
            - Agent status (via API)------------- 1.747s ok:4
            - Cluster Status--------------------- 9.509s ok:16
            - OVS cluster info (via API)--------- 2.438s ok:9
            - Get node and global cluster info--- 0.123s ok:1
            - OVS Connectivity------------------- 1.227s ok:2
            - Snapshot of local OVS data--------- 1.160s ok:9
            - Snapshot of global OVS root data--- 2.271s ok:16
            - OVS Agent Password Checks---------- 0.159s ok:2
        * VM Server Logs - <OracleVM.virt.logs>
            - ovs_autorun------------------------ 0.093s ok:1
            - ovs_operation---------------------- 0.287s e:2
            - ovs_root
    
    -------- Critical Subsystem Healthcheck -----------
    
    1: Hostname rev lookup on 192.168.14.3 - net.conf.dns.hostname_rev_ns0
    
    2: ntpstat - net.conf.ntp.ntpstat
    The ntp daemon is not synchronized... please check /etc/ntp.conf for reachable servers
    
    2 errors were found. Please run a full vmpinfo scan to generate a detailed report
    that will contain additional information. Run ./vmpinfo -m for instructions.
    
    ---------------------------------------------------
    Scrubbing user passwords from ovs-agent data... please wait:... Done!
    
    FAE ops: 412 ---> 398 ok  11 warnings  3 errors
    Elapsed time: 67 seconds
    
    Archive of all data is here: /tmp/vmpinfo/OracleVM-2012-03-21-104005-vmpinfo.tar.gz
    on domU vmpinfo looks like this:
    # vmpinfo
    * * * * * *
    * VMPInfo Host Resource Pre-check
    *
    * Using /etc/vmpinfo.conf
    * MD5 ok: fd98e021f389c27ef68017f798a8cef1
    * Init global variables: ok
    * Checking selected options: ok
    * Machine and OS type:  Xen_PVDomu:Enterprise Linux Enterprise Linux Server release 5.7 (Carthage)
    * Check available disk space, memory and cpu resources:
    *  /  7556 MB ok
    *  /tmp/vmpinfo  7556 MB ok
    * Free Memory 1411 MB ok
    * CPU idle is 90%
    * IOWait is 9%
    * Writing help cache: ok
    * Generate Clusterview templates: ok
    * Initialize Report Templates: ok
    *
    * VMPInfo Resource Pre-check complete
    * * * * * *
    
    ---> VMPInfo System Information Utility: Version 2.2-3
    
    Starting vmpinfo scan of rac1: Enterprise Linux Enterprise Linux Server release 5.7 (Carthage) (Xen_PVDomu)
    Running as root with 50 ms of delay between tests
    Run vmpinfo.sh -m to review built-in documentation and manual pages
    
    Data will be saved in: /tmp/vmpinfo/rac1-2012-03-21-044904-vmpinfo
    
    ==> Scope: OS - <rac1.os>
        * Machine role - <rac1.os.role>
            - Host and Product Info-------------- 0.141s ok:2
            - vmpinfo---------------------------- 0.531s ok:8
            - Running User----------------------- 0.465s ok:5
        * Hardware, CPU and PCI information - <rac1.os.hw>
            - dmidecode-------------------------- 0.092s <none>
            - cpu info--------------------------- 0.246s ok:3
            - lspci data------------------------- 0.358s ok:5
            - usb-------------------------------- 0.393s <none>
            - hal and ipmi----------------------- 0.362s ok:3
        * OS info - <rac1.os.conf>
            - Boot------------------------------- 0.309s ok:3
            - Installed Packages----------------- 2.765s ok:2
            - OS Version and Vendor-------------- 0.335s ok:4
            - i18n------------------------------- 0.079s ok:1
            - Configuration---------------------- 0.485s ok:7
            - OS Services------------------------ 1.022s ok:5
            - /etc files------------------------- 1.421s ok:14
        * OS Performance - <rac1.os.perf>
            - System Performance----------------- 4.691s ok:14
        * OS Time - <rac1.os.time>
            - system time------------------------ 2.030s ok:3
            - cron------------------------------- 0.553s ok:5
        * Kernel - <rac1.os.kernel>
            - Configuration---------------------- 0.477s ok:6
            - Performance------------------------ 0.196s ok:2
            - Kernel FS Data--------------------- 0.133s ok:1
        * Memory - <rac1.os.mem>
            - Configuration---------------------- 0.470s ok:7
            - Performance------------------------ 0.662s ok:9
            - numa support----------------------- 0.214s ok:1
        * Integrity check - <rac1.os.security>
            - Basic OS security------------------ 0.403s ok:6
            - Selinux---------------------------- 0.163s ok:1
            - Access control--------------------- 0.604s ok:7
        * Authentication - <rac1.os.auth>
            - nsswitch and pam settings---------- 1.072s ok:7
            - SSH-------------------------------- 0.158s ok:2
            - NSCD------------------------------- 0.182s <none>
            - Samba------------------------------ 0.974s ok:5
            - NIS-------------------------------- 0.348s ok:2
            - LDAP------------------------------- 0.469s ok:2
        * OS Development - <rac1.os.devel>
            - java------------------------------- 0.315s ok:3
            - gcc-------------------------------- 0.163s ok:1
            - libraries-------------------------- 0.131s ok:1
        * OS Update - <rac1.os.update>
            - Yum Configuration------------------ 0.243s ok:2
            - Up2date Configuration-------------- 0.139s ok:1
            - Package Tool Configuration--------- 2.575s ok:1
        * OS Logs - <rac1.os.logs>
            - Log configuration------------------ 0.238s ok:3
            - Evaluating system logs------------- 1.021s ok:11
    
    ==> Scope: Network - <rac1.net>
        * Devices - <rac1.net.dev>
            - Configuration---------------------- 1.479s ok:13 w:1
        * Settings - <rac1.net.conf>
            - hostname--------------------------- 0.456s ok:6
            - gateway---------------------------- 0.398s ok:5
            - dns------------------------------- 22.729s ok:1 w:1 e:1
            - ntp------------------------------- 76.635s ok:12 w:3
        * Performance - <rac1.net.perf>
            - netstat info----------------------- 0.255s ok:3
            - Network connectivity info---------- 7.306s ok:1 w:1 e:1
        * Security - <rac1.net.security>
            - Firewall Settings------------------ 0.639s ok:5 w:2
            - Netfilter-------------------------- 0.017s <none>
            - Basic Network Security------------- 0.636s ok:6
    
    ==> Scope: Storage - <rac1.storage>
        * Storage Devices - <rac1.storage.dev>
            - System Volumes--------------------- 0.555s ok:6
            - iscsi initiator-------------------- 0.979s ok:8
            - iscsi target----------------------- 0.095s <none>
            - LVM Info--------------------------- 0.564s ok:5
        * Devicemapper - <rac1.storage.devmapper>
            - Block Device and Device Mapper----- 0.655s ok:7
            - dm multipath info------------------ 0.546s ok:2 w:3
        * Filesystems - <rac1.storage.fs>
            - Configuration---------------------- 0.291s ok:3
            - NFS-------------------------------- 0.377s ok:4
        * Oracle Ocfs2 - <rac1.storage.ocfs2>
            - O2CB and OCFS2 Service status------ 1.057s ok:10 w:2
            - OCFS2 Configuration---------------- 0.273s ok:1 w:1
            - OCFS2 Network---------------------- 0.148s <none>
            - Block Devices---------------------- 0.267s <none>
            - Cluster nodes---------------------- 0.450s ok:2
            - Log analysis----------------------- 0.105s <none>
        * Oracle Asmlib - <rac1.storage.asmlib>
            - Service status--------------------- 0.908s ok:7 w:1
            - Configuration---------------------- 0.289s ok:4
            - Luns and Volumes
    
    -------- Critical Subsystem Healthcheck -----------
    
    1: Ping nameserver 192.168.14.1 - net.conf.dns.pingns0
    nameserver 192.168.14.1 does not ping
    2: Nameserver redundancy - net.conf.dns.ns_redundancy
    Insufficient pingable nameservers found: 0
    3: DNS lookup hostname - net.conf.dns.hostname_ip
    The machine rac1 does not resolve in dns
    4: Ping ntp server 0.rhel.pool.ntp.org - net.conf.ntp.ping_ntp0
    Ntp server 0.rhel.pool.ntp.org does not ping
    5: Ping ntp server 0.rhel.pool.ntp.org Timeout - net.conf.ntp.ping_ntp0_timeout
    Command Timeout: Operation took 25 seconds with timeout value of 20
    6: Ping ntp server 1.rhel.pool.ntp.org - net.conf.ntp.ping_ntp1
    Ntp server 1.rhel.pool.ntp.org does not ping
    7: Ping ntp server 1.rhel.pool.ntp.org Timeout - net.conf.ntp.ping_ntp1_timeout
    Command Timeout: Operation took 25 seconds with timeout value of 20
    8: Ping ntp server 2.rhel.pool.ntp.org - net.conf.ntp.ping_ntp2
    Ntp server 2.rhel.pool.ntp.org does not ping
    9: Ping ntp server 2.rhel.pool.ntp.org Timeout - net.conf.ntp.ping_ntp2_timeout
    Command Timeout: Operation took 25 seconds with timeout value of 20
    10: ntp server redundancy - net.conf.ntp.ntp_redundancy
    Insufficient pingable ntp servers found: 0
    11: ARPing default gateway - net.perf.connectivity.arpinggw
    Default gateway 192.168.14.1 is not reachable at layer 2 via eth0.
    May be normal for your network but please check
    12: Ping default gateway - net.perf.connectivity.pinggw
    Default gateway 192.168.14.1 doesn't ping.
    May be normal for your network but please check
    
    12 errors were found. Please run a full vmpinfo scan to generate a detailed report
    that will contain additional information. Run ./vmpinfo -m for instructions.
    
    ---------------------------------------------------
    
    FAE ops: 293 ---> 276 ok  15 warnings  2 errors
    Elapsed time: 147 seconds
    
    Archive of all data is here: /tmp/vmpinfo/rac1-2012-03-21-044904-vmpinfo.tar.gz
    I started with the dom0. I switched in /etc/resolv.conf the nameservers as the first one used 192.168.14.3 is actually a WINS server mainly, and backup dns only. the 192.168.14.1 is the actual DNS server with forward and reverse lookup.
    tested dig -x 192.168.14.7 and returned correct info
    The report still says .3 doesn't do reverse lookup but that shouldn't be a problem anymore.

    I also started ntpd and multipathd and the number of warnings shrunk to 6 and errors still at 3.
    ntp complains with
    ntp drift  OracleVM-Ro.net.conf.ntp.ntpdrift   | CluKey |   Next: Top.S.s.g.Op  T:0.004  C:/k/W   Result:1 
    
    cat: /var/lib/ntp/drift: No such file or directory
    there is also:
    Interface Errors  OracleVM-Ro.net.perf.netstat.iface_errors   | CluKey |   Next: Top.S.s.g.Op  T:0.003  C:/k/W   Result:1 
    
    iface:vif1.0  RX-ERR:0  RX-DRP:0  RX-OVR:0  TX-ERR:0  TX-DRP:37  TX-OVR:0
    iface:vif1.1  RX-ERR:0  RX-DRP:0  RX-OVR:0  TX-ERR:0  TX-DRP:16  TX-OVR:0
    iface:vif2.0  RX-ERR:0  RX-DRP:0  RX-OVR:0  TX-ERR:0  TX-DRP:39  TX-OVR:0
    iface:vif2.1  RX-ERR:0  RX-DRP:0  RX-OVR:0  TX-ERR:0  TX-DRP:17  TX-OVR:0
    that might answer my problem, however looking at iptables I have no clue why packets are being dropped
    # iptables -L -n -t nat
    Chain PREROUTING (policy ACCEPT)
    target     prot opt source               destination
    
    Chain POSTROUTING (policy ACCEPT)
    target     prot opt source               destination
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    # iptables -L -n
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21
    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
    RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED PHYSDEV match --physdev-out vif2.0
    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           PHYSDEV match --physdev-in vif2.0
    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED PHYSDEV match --physdev-out vif2.1
    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           PHYSDEV match --physdev-in vif2.1
    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED PHYSDEV match --physdev-out vif1.1
    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           PHYSDEV match --physdev-in vif1.1
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    
    Chain RH-Firewall-1-INPUT (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
    ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
    ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
    ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353
    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:631
    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:2049
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpts:5900:5950
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8002
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8003
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8899
    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:7777
    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
    the stuff in the forward chain is new to me. I'm probably not seeing something obvious given that all my firewalls are NATed and this one is (should be) bridged.

    there is also the following which makes no sense to me, as RAC and xen ares new stuff for me
    Check nested ocfs2  OracleVM-Ro.virt.ovmserver.repos.nested_ocfs2_0   | CluKey |   Next: Top.S.s.g.Op  T:0.009  C:/k/W   Result:1 
    
    Ocfs2 shared disks on top of ocfs2 repositories is not recommended
    Please verify that these guest volumes are not configured that way:
    
    /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/70_rac1-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm1.img,xvdc,w!',
    /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/70_rac1-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm2.img,xvdd,w!',
    /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/70_rac1-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm3.img,xvde,w!',
    /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/70_rac1-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm4.img,xvdf,w!',
    /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/70_rac1-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm5.img,xvdg,w!',
    /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/73_rac2-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm1.img,xvdc,w!',
    /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/73_rac2-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm2.img,xvdd,w!',
    /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/73_rac2-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm3.img,xvde,w!',
    /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/73_rac2-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm4.img,xvdf,w!',
    /var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/running_pool/73_rac2-ro/vm.cfg:'file:/var/ovs/mount/A11EFC06A6014C1BA401278C394D7088/sharedDisk/asm5.img,xvdg,w!',
    
    Link to vm.cfg files on all repos (size: 2.1K)
    
    Link to /var/log/ovs-agent
    
    Link to /var/log/xen
    API Errors  OracleVM-Ro.virt.logs.ovs_errwarn.api_errors   |   Next: Top.S.s.g.Op  T:0.007  C:/E   Result:1 
    
    grep: /var/log/ovs-agent/ovs_root.log.nopw: No such file or directory
    
    Link to ovs_root.log.nopw
    
    API Warnings  OracleVM-Ro.virt.logs.ovs_errwarn.api_warnings   |   Next: Top.S.s.g.Op  T:0.007  C:/E   Result:1 
    
    grep: /var/log/ovs-agent/ovs_root.log.nopw: No such file or directory
    
    Link to ovs_root.log.nopw
    
    API Exceptions  OracleVM-Ro.virt.logs.ovs_errwarn.api_exceptions   |   Next: Top.S.s.g.Op  T:0.007  C:/E   Result:1 
    
    grep: /var/log/ovs-agent/ovs_root.log.nopw: No such file or directory
    
    Link to ovs_root.log.nopw
    
    Link to vm.cfg files on all repos (size: 2.1K)
    
    Link to /var/log/ovs-agent
    
    Link to /var/log/xen
    the key might be the dropped packets on the vifs. I'm gonna try and debug that from iptables. Not sure if I'll get the chance today or tomorrow.

    Any other ideas I might try?
  • 5. Re: No internet/LAN access from/to outside and domU
    922042 Newbie
    Currently Being Moderated
    small side note: I fixed the dns thing on dom0

    iptables logging did nothing so I went back to tcpdump. this time on all interfaces with following results:
    # tcpdump -D
    1.eth0
    2.xenbr0
    3.eth1
    4.xenbr1
    5.vif1.0
    6.vif1.1
    7.eth2
    8.xenbr2
    9.vif2.0
    10.vif2.1
    11.any (Pseudo-device that captures on all interfaces)
    12.lo
    # tcpdump -nnvXSs 0 icmp -i 11
    tcpdump: WARNING: Promiscuous mode not supported on the "any" device
    tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
    dom1 was constantly pinging the gateway (192.168.14.1) and nothing was showing up. The minuted I started pinging dom2 from dom1, the tcpdump started showing packets

    that got me thinking. obviously the packets stop before tcpdump gets to see them. So I've done some various searches on the subject, and finally gotten to this post: http://serverfault.com/questions/366659/xen-bridge-over-virtualbox-bridge
    promiscuous mode. That rang a bell.
    I enabled promiscuous mode on the network card and voila: the network now works. domU can ping the gateway, the local lan and the entire internet.

    Thank you so much for your assistance. greatly appreciated.
  • 6. Re: No internet/LAN access from/to outside and domU
    821215 Newbie
    Currently Being Moderated
    That's fantastic news! Well done.

    Incidentally there's one version of OracleVM I used where tcpdump would keep crashing (I can't remember exactly which though) so it's lucky you're on 2.2.2.
  • 7. Re: No internet/LAN access from/to outside and domU
    470515 Newbie
    Currently Being Moderated
    Thank you thank you thank you! After three weeks of googling, glad to come across this thread!

    Finally I am able to access the virtual machine(s) console using SSH from host now.

    regards,

    raj
  • 8. Re: No internet/LAN access from/to outside and domU
    User329244 Newbie
    Currently Being Moderated
    Great Great Great

    It worked finally , Happy new Year
  • 9. Re: No internet/LAN access from/to outside and domU
    661705 Newbie
    Currently Being Moderated

    This posting was really helpful to me...thank you all.  I changed my network adapter to PCnet-FAST III and was able to get to the guest machine from the network. 

     

    However, I am not able to ping out or get out from the guest machine.  Did you guys sort that out?  Any thoughts?

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points