Xen 		  
Home About Xen.org Xen Xen Summit Wiki Mailing List Bug Tracker Xen Downloads
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Re: problems with xen installation

from [Anand] [Permanent Link][Original]
To: Fernando Maior <fernando.souto.maior@xxxxxxxxx>
Subject: Re: [Xen-users] Re: problems with xen installation
From: Anand <xen.mails@xxxxxxxxx>
Date: Fri, 30 Dec 2005 22:29:28 +0530
Cc: Xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 30 Dec 2005 17:04:00 +0000
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=G3p9Epwy6djSctSm18E7pL3MlHcHTmSq4lTVYzeE8C8ERxbEedvLPij/J92IYFfE+HxGWXlgeKNYf97o3C5FYZ5cujPhvfizBMYlmUukURJjA9z29fd7OK3MSPDBrEwAJMQgF2xCEL5ZCK/upKuDFeIQ9ZIrinyDwhrEGfrK2yc=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <6a7b2d540512300742y3b00cd5cma2cac2179fd8a9de@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <6a7b2d540512290856m7f0a774h8e132104050891ef@xxxxxxxxxxxxxx> <6a7b2d540512291157s78259528r9a3207dd4172ccfe@xxxxxxxxxxxxxx> <acb757c00512292121q69401768n94c93188b499f453@xxxxxxxxxxxxxx> <6a7b2d540512300223pd6ecaah2bb9c874497eb255@xxxxxxxxxxxxxx> <acb757c00512300430w78bf0b96qde89b2937dc1274b@xxxxxxxxxxxxxx> <20051230134459.GA10278@xxxxxxxxxxxxxx> <acb757c00512300653w68d2cfa3k2760c85b24dec4d9@xxxxxxxxxxxxxx> <20051230151426.GH10278@xxxxxxxxxxxxxx> <acb757c00512300728y41b7135dv743975348eee0385@xxxxxxxxxxxxxx> <6a7b2d540512300742y3b00cd5cma2cac2179fd8a9de@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Dear Fernando,

Thanks for the information.

I looked at the vif-bridge file however confused on how to proceed. First as Andy pointed out the foremost point would be to get a constant vifname everytime the domain starts up only then any bandwidth calculation could work.

Looks like i need to get my hands on someone who knows more on this and perhaps help me achieve this since i am unable to work on it much :((

On 12/30/05, Fernando Maior <fernando.souto.maior@xxxxxxxxx> wrote:
On 12/30/05, Anand <xen.mails@xxxxxxxxx> wrote:
> Dear Andy,
>
> Thanks for all the help. I will try it out.
>
>
> On 12/30/05, Andy Smith < andy@xxxxxxxxxxxxxx> wrote:
> >
> > On Fri, Dec 30, 2005 at 08:23:42PM +0530, Anand wrote:
> > >
> > >    Dear Andy,
> > >    Thanks for the reply.
> > >    >As you noted the vif name will change every time a domain is
> > >    >restarted.  In Xen 2.x you can use the vifname config directive to
> > >    >hardcode vif names per domain.  You can also do this in 3.0 if you
> > >    >use a snapshot of -unstable that has this functionality (apologies,
> > >    >I do not know exactly when it was (re)added).
> > >    Thanks, thats indeed excellent news. May i ask is the snapshot stable
> > >    enough to use on the production box (sorry if it sounds a stupid
> > >    question to you). I am using 3.0 stable rpm from xensource on centos
> > >    4.1 right now.
> >
> > I can't advise on this I'm afraid as I'm not using it heavily in
> > production.
> >
> > It works nicely in the latest 2.x which is what I'm running in
> > production.
> >
> > >    >You can measure the bandwidth use of the vif interfaces in dom0,
> > >    >either by parsing /proc/net/devices periodically or by polling SNMP.
> > >    This will give the problem of the vifname changing everytime and
> hence
> > >    loosing track of the vif to whom the bandwidth should be accounted
> to.
> >
> > Yes you do need to use vifname for this to work.
> >
> > >    >Finally you could also use iptables in dom0 and the physdev module
> > >    >to add rules for traffic going in/out particular vifs, and poll its
> > >    >counters to measure bandwidth.
> > >    Is it possible for you to direct me to some examples ? It will really
> > >    help.
> >
> > This too requires static vif names.  Off the top of my head:
> >
> > iptables -N accounting_in
> > iptables -N accounting_out
> >
> > iptables -A FORWARD -m physdev --physdev-out vif+ -j accounting_in
> > iptables -A FORWARD -m physdev --physdev-in  vif+ -j accounting_out
> >
> > iptables -A accounting_in  -m physdev --physdev-out vif-foo+ -j RETURN
> > iptables -A accounting_out -m physdev --physdev-in  vif-foo+ -j RETURN
> >
> > The above iptables commands check all forwarded traffic to see if it
> > came from/to a vif, if they do they are checked to see if they
> > specifically went through an interface name matching "vif-foo*".
> > You can then use
> >
> > iptables -v --list accounting_in
> > iptables -v --list accounting_out
> >
> > to view the packet and byte counters for those tables.
> >
> > Note this matches only IP traffic.  You'll need to use ip6tables to
> > match IPv6.
> >
> > Without static vif names you could add rules to the bridge interface
> > and try to match only things going to or coming from the IP
> > addresses that you have assigned but that seems even more hackish to
> > me..
> >
> >
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.1 (GNU/Linux)
> >
> >
> iD8DBQFDtU7SIJm2TL8VSQsRAtBrAKDW6fAWiPi3DoMD3hG2375VEBoONQCgpTvA
> > poJ7lh1XIbW7dwT/PhuLqh0=
> > =xw9q
> > -----END PGP SIGNATURE-----
> >
> >
> > _______________________________________________
> > Xen-users mailing list
> > Xen-users@xxxxxxxxxxxxxxxxxxx
> > http://lists.xensource.com/xen-users
> >
> >
>
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
>
>

Anand,

You can tweak /etc/xen/scripts/vif-bridges in order to include the
iptables {add|delete} rules when the domain is started/shutdown.

--
Bye,
Fernando Maior
LPIC/1(31908)
LinuxCounter(391325)

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-users] cant get X on domainU, Slava Mikerin
Next by Date:  Re: [Xen-users] tcp checksum errors across dom0-domu bridge, Daniel Goertzen
Previous by Thread:  Re: [Xen-users] Re: problems with xen installation, Anand
Next by Thread:  [Xen-users] Cannot ssh to VM01 remotely, Brown, Kashif
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , XenSource, Inc. All rights reserved. Note: the xen.org trademark policy
is changing. For information please email legalxen.org, Legal and Privacy