2 Replies Latest reply: Feb 8, 2013 12:04 PM by user755708 RSS

    Network Address Translation (NAT) / IP forwarding for Oracle VM x86 3.2

    user755708
      I have some Linux domU set up using Xen bridges in dom0 running Oracle VM x86 3.2. The domU is on the 192.168.200.0 network and the dom0 is on the 10.244.64.0. I would like the domU to access the 10.*.*.* network. I tried to follow the steps in Oracle VM Server NAT network

      Since the Xen bridges have been set up, I just ran these steps in dom0:
      # vi /etc/sysctl.conf
      net.ipv4.ip_forward=1

      # sysctl -p

      # iptables -t nat -A POSTROUTING -o xenbr0 -j MASQUERADE
      # service iptables save

      However, the domU cannot reach the 10.*.*.* network. I would appreciate some help to set up the network so that the domU can access outside the 192.168.200.0 private network.

      Below is more information on the dom0:

      # brctl show
      bridge name bridge id STP enabled interfaces
      xenbr0 8000.002128fbcd92 no bond0
      vif11.0
      vif11.1
      vif11.2
      vif11.3
      vif2.0
      vif2.1
      vif2.2
      vif2.3


      # ifconfig -a
      bondib0 Link encap:InfiniBand HWaddr 80:00:05:4A:FE:80:00:00:00:00:00:00:00:00:00:00:00:00:00:00
      inet addr:192.168.68.5 Bcast:192.168.48.255 Mask:255.255.255.0
      UP BROADCAST MASTER MULTICAST MTU:65520 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

      bond0 Link encap:Ethernet HWaddr 00:21:28:FB:CD:92
      UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
      RX packets:24832437 errors:0 dropped:19527 overruns:0 frame:0
      TX packets:20270186 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:10101518014 (9.4 GiB) TX bytes:29798068251 (27.7 GiB)

      eth0 Link encap:Ethernet HWaddr 00:21:28:FB:CD:92
      UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
      RX packets:24832437 errors:0 dropped:0 overruns:0 frame:0
      TX packets:20270187 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:10101518014 (9.4 GiB) TX bytes:29798068413 (27.7 GiB)

      eth1 Link encap:Ethernet HWaddr 00:21:28:FB:CD:93
      BROADCAST MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

      eth2 Link encap:Ethernet HWaddr 90:E2:BA:1A:AA:8C
      BROADCAST MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

      eth3 Link encap:Ethernet HWaddr 90:E2:BA:1A:AA:8D
      BROADCAST MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

      eth4 Link encap:Ethernet HWaddr 00:21:28:FB:CD:94
      BROADCAST MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

      eth5 Link encap:Ethernet HWaddr 00:21:28:FB:CD:95
      BROADCAST MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

      ib0 Link encap:InfiniBand HWaddr 80:00:05:4A:FE:80:00:00:00:00:00:00:00:00:00:00:00:00:00:00
      UP BROADCAST RUNNING MULTICAST MTU:65520 Metric:1
      RX packets:1804669 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1024
      RX bytes:101152502 (96.4 MiB) TX bytes:0 (0.0 b)

      ib1 Link encap:InfiniBand HWaddr 80:00:05:4B:FE:80:00:00:00:00:00:00:00:00:00:00:00:00:00:00
      UP BROADCAST RUNNING MULTICAST MTU:65520 Metric:1
      RX packets:1804669 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1024
      RX bytes:101152502 (96.4 MiB) TX bytes:0 (0.0 b)

      lo Link encap:Local Loopback
      inet addr:127.0.0.1 Mask:255.0.0.0
      UP LOOPBACK RUNNING MTU:16436 Metric:1
      RX packets:51764 errors:0 dropped:0 overruns:0 frame:0
      TX packets:51764 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:8605410 (8.2 MiB) TX bytes:8605410 (8.2 MiB)

      vif2.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:8604 errors:0 dropped:0 overruns:0 frame:0
      TX packets:15565532 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:32
      RX bytes:444427 (434.0 KiB) TX bytes:4221431489 (3.9 GiB)

      vif2.1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:5695 errors:0 dropped:0 overruns:0 frame:0
      TX packets:15565018 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:32
      RX bytes:183639 (179.3 KiB) TX bytes:4221123784 (3.9 GiB)

      vif2.2 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:15565060 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:32
      RX bytes:0 (0.0 b) TX bytes:4221268817 (3.9 GiB)

      vif2.3 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:45 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:32
      RX bytes:0 (0.0 b) TX bytes:4343 (4.2 KiB)

      vif11.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:360832 errors:0 dropped:0 overruns:0 frame:0
      TX packets:6851863 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:32
      RX bytes:8575887026 (7.9 GiB) TX bytes:2417191652 (2.2 GiB)

      vif11.1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:3428 errors:0 dropped:0 overruns:0 frame:0
      TX packets:6029897 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:32
      RX bytes:179256 (175.0 KiB) TX bytes:2354688155 (2.1 GiB)

      vif11.2 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:6029949 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:32
      RX bytes:0 (0.0 b) TX bytes:2355012501 (2.1 GiB)

      vif11.3 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:45 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:32
      RX bytes:0 (0.0 b) TX bytes:3936 (3.8 KiB)

      xenbr0 Link encap:Ethernet HWaddr 00:21:28:FB:CD:92
      inet addr:10.244.69.35 Bcast:10.244.71.255 Mask:255.255.248.0
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:3980443 errors:0 dropped:1180417 overruns:0 frame:0
      TX packets:295369 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:502736804 (479.4 MiB) TX bytes:258440679 (246.4 MiB)

      xenbr0:1 Link encap:Ethernet HWaddr 00:21:28:FB:CD:92
      inet addr:192.168.200.5 Bcast:192.168.200.255 Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

      xenbr0:2 Link encap:Ethernet HWaddr 00:21:28:FB:CD:92
      inet addr:192.168.210.4 Bcast:192.168.210.255 Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

      xenbr0:3 Link encap:Ethernet HWaddr 00:21:28:FB:CD:92
      inet addr:192.168.210.5 Bcast:192.168.210.255 Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

      # route -n
      Kernel IP routing table
      Destination Gateway Genmask Flags Metric Ref Use Iface
      0.0.0.0 10.244.64.1 0.0.0.0 UG 0 0 0 xenbr0
      10.244.64.0 0.0.0.0 255.255.248.0 U 0 0 0 xenbr0
      169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 xenbr0
      192.168.68.0 0.0.0.0 255.255.255.0 U 0 0 0 bondib0
      192.168.200.0 0.0.0.0 255.255.255.0 U 0 0 0 xenbr0
      192.168.210.0 0.0.0.0 255.255.255.0 U 0 0 0 xenbr0

      Below is more information from the domU:

      # ifconfig -a
      bondeth0 Link encap:Ethernet HWaddr 00:16:3E:5F:A4:5F
      inet addr:192.168.210.70 Bcast:192.168.210.255 Mask:255.255.255.0
      UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
      RX packets:31131818 errors:0 dropped:0 overruns:0 frame:0
      TX packets:5697 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:8006719501 (7.4 GiB) TX bytes:263461 (257.2 KiB)

      bondib0 Link encap:InfiniBand HWaddr 80:08:05:52:FE:80:00:00:00:00:00:00:00:00:00:00:00:00:00:00
      inet addr:192.168.68.70 Bcast:192.168.71.255 Mask:255.255.252.0
      UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
      RX packets:3404628 errors:0 dropped:0 overruns:0 frame:0
      TX packets:102 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:191848658 (182.9 MiB) TX bytes:7239 (7.0 KiB)

      bond0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
      BROADCAST MASTER MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

      eth0 Link encap:Ethernet HWaddr 00:16:3E:38:2C:77
      inet addr:192.168.200.70 Bcast:192.168.200.255 Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:15566458 errors:0 dropped:0 overruns:0 frame:0
      TX packets:8644 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:4003594353 (3.7 GiB) TX bytes:571395 (558.0 KiB)
      Interrupt:165

      eth1 Link encap:Ethernet HWaddr 00:16:3E:5F:A4:5F
      UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
      RX packets:15565888 errors:0 dropped:0 overruns:0 frame:0
      TX packets:5697 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:4003287528 (3.7 GiB) TX bytes:263461 (257.2 KiB)
      Interrupt:164

      eth2 Link encap:Ethernet HWaddr 00:16:3E:5F:A4:5F
      UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
      RX packets:15565930 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:4003431973 (3.7 GiB) TX bytes:0 (0.0 b)
      Interrupt:163

      eth3 Link encap:Ethernet HWaddr 00:16:3E:7C:F0:23
      BROADCAST MULTICAST MTU:1500 Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
      Interrupt:162

      ib0 Link encap:InfiniBand HWaddr 80:08:05:52:FE:80:00:00:00:00:00:00:00:00:00:00:00:00:00:00
      UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
      RX packets:1704661 errors:0 dropped:0 overruns:0 frame:0
      TX packets:102 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1024
      RX bytes:96559468 (92.0 MiB) TX bytes:7239 (7.0 KiB)

      ib1 Link encap:InfiniBand HWaddr 80:08:05:53:FE:80:00:00:00:00:00:00:00:00:00:00:00:00:00:00
      UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
      RX packets:1699967 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1024
      RX bytes:95289190 (90.8 MiB) TX bytes:0 (0.0 b)

      lo Link encap:Local Loopback
      inet addr:127.0.0.1 Mask:255.0.0.0
      UP LOOPBACK RUNNING MTU:16436 Metric:1
      RX packets:8776 errors:0 dropped:0 overruns:0 frame:0
      TX packets:8776 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:904016 (882.8 KiB) TX bytes:904016 (882.8 KiB)

      # route -n
      Kernel IP routing table
      Destination Gateway Genmask Flags Metric Ref Use Iface
      192.168.210.0 0.0.0.0 255.255.255.0 U 0 0 0 bondeth0
      192.168.200.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
      192.168.68.0 0.0.0.0 255.255.252.0 U 0 0 0 bondib0
      169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
      0.0.0.0 192.168.200.1 0.0.0.0 UG 0 0 0 eth0

      Edited by: user755708 on Feb 7, 2013 8:46 PM
        • 1. Re: Network Address Translation (NAT) / IP forwarding for Oracle VM x86 3.2
          user12273962
          Have you extend the 10... network VLAN son your switch to the same ports as the 192.... network? Does your switch require VLAN tagging and do you have it setup VLANS defined on your network interfaces in question?

          I don't see anything wrong in your configure. I assume you can ping your 10.244.69.35 but not anything else.
          • 2. Re: Network Address Translation (NAT) / IP forwarding for Oracle VM x86 3.2
            user755708
            I am new to Oracle VM. The dom0 and domU are set up by someone else. So I don't know the details. In the domU, I can't even ping the 10.244.69.35 address of the dom0.

            # ping 10.244.69.35
            PING 10.244.69.35 (10.244.69.35) 56(84) bytes of data.
            From 192.168.200.50 icmp_seq=2 Destination Host Unreachable
            From 192.168.200.50 icmp_seq=3 Destination Host Unreachable
            From 192.168.200.50 icmp_seq=4 Destination Host Unreachable

            The Cisco switch on the 10.*.*.* network is owned by IT and I can't change anything on it. This is why I try to set up NAT on the dom0. I would appreciate any help so that I can access the 10.*.*.* network from the domU.