User Tools

Site Tools


unix:virtualization:xen:networking

Xen Networking

Under Debian Linux (Wheezy, Xen 4.x), Xen expects the network to be defined as bridges at the DOM0 level. Thus, a simple Xen DOM0, with one interface, should define a bridge which is then passed to the virtuals.

Basic Setup

Assuming the interface name is eth0, we can create a bridge (called xenbr0 by convention) as follows:

iface eth0 inet manual

auto xenbr0
iface xenbr0 inet static
   bridge_ports eth0
   address 192.168.1.10
   netmask 255.255.255.0
   gateway 192.168.1.1

The first line, iface eth0 inet manual says “don't do anything with eth0”, then the second line auto xenbr0 says “automatically bring up xenbr0”.

After this, we simply define xenbr0 the same way we normally would define eth0 with the one added line bridge_ports eth0, which tells us which ports to use on the bridge.

In our DOMU configuration, we simply define the vifs to use these bridges

vif= [
       'mac=00:16:3e:42:1b:70,bridge=xenbr0,vifname=jenny0',
]

If you are using more than one interface, simply replicate the above

iface eth0 inet manual

auto xenbr0
iface xenbr0 inet static
   bridge_ports eth0
   address 192.168.1.10
   netmask 255.255.255.0
   gateway 192.168.1.1

iface eth1 inet manual

auto xenbr1
iface xenbr1 inet static
   bridge_ports eth1
   address 192.168.2.10
   netmask 255.255.255.0

and your DOMU configuration turns into

vif= [
       'mac=00:16:3e:42:1b:70,bridge=xenbr0,vifname=jenny0',
       'mac=00:16:3e:42:1b:71,bridge=xenbr1,vifname=jenny1',
]

With vlans

When you add vlans to the mix, I do everything in the DOM0. Under Debian, simply install the vlan package

apt-get install vlan

then modify your interfaces file to use this. The syntax is found by adding a period and the vlan number to the end of the interface name, ie eth0.10 would be vlan 10 on eth0.

iface eth0 inet manual

auto xenbr0.10
iface xenbr0.10 inet dhcp
   bridge_ports eth0.10

In the above case, we have set xenbr0.10 to acquire it's IP address over DHCP. In the virtual configuration file, you end up with.

vif= [
       'mac=00:16:3e:42:1b:70,bridge=xenbr0.10,vifname=server_outside',
       'mac=00:16:3e:42:1b:71,bridge=xenbr0.20,vifname=server_lan',
      ]

Bonding and vlan

If you want to bond your ports together (Debian for LAPC), create your bond first, then use it as the basis for your bridged vlans.

To use bonding, you must install the ifenslave package under Debian

apt-get install ifenslave

By convention, the interfaces created are set up as bond0, bond1, etc… I believe it will work with other names, but have no idea if that is so. Somewhere, somehow it needs to realize we are using ifenslave, but I think that is when it sees the slaves parameter.

# create a bond using eth0 and eth1
auto bond0
iface bond0 inet manual
        #bond-mode 802.3ad
        bond-mode 4
        bond-miimon 100
        bond_xmit_hash_policy layer2+3
        bond_lacp_rate slow
        slaves eth0 eth1

auto xenbr0.10
iface xenbr0.10 inet manual
        bridge_ports bond0.10

auto xenbr0.20
iface xenbr0.20 inet static
        bridge_ports bond0.20
        address 10.10.0.5
        netmask 255.255.255.0
        gateway 10.10.0.1

and your virtual's vif stays the same

vif= [
       'mac=00:16:3e:42:1b:70,bridge=xenbr0.10,vifname=server1_outside',
       'mac=00:16:3e:42:1b:71,bridge=xenbr0.20,vifname=server1_lan'
     ]

Note: Did you notice xenbr0.10 did not define any addresses at all? By placing manual in place of dhcp or static, you are defining but not configuring the interface. That means the DOM0 will not attempt to do networking on that interface. For that matter, a smart switch will not even get the MAC address of the DOM0's interface. However, the interface can still be passed on to the virtuals with full control.

Resources

unix/virtualization/xen/networking.txt · Last modified: 2020/02/19 14:39 by rodolico