vif in user ProxyVM?
27 views
Skip to first unread message
johny...@sigaint.org
Aug 22, 2016, 10:47:40 AM8/22/16
to qubes...@googlegroups.com
I'm trying to create a ProxyVM of my own, to replace sys-firewall.
I'm on 3.2rc2-testing.
When I create a ProxyVM in either fedora23 or debian-8, eth0 shows up, but
no vif interface appears.
There are iptables entries for 10.137.4.*, so the firewall mechanism seems
to be doing (part of) it's thing, but with no vif device itself.
/proc/net/dev on my ProxyVM shows only eth0 and lo, whereas on the
sys-firewall it shows eth0, lo, and a vif interface.
dmesg (on debian-8) shows:
[ 1.257473] xenbus_probe_frontend: Device with no driver: device/vif/0
[ 1.257661] Magic number: 1:252:3141
...
But no further reference to vif. Whereas on sys-firewall, dmesg shows:
[ 1.277519] xenbus_probe_frontend: Device with no driver: device/vif/0
[ 1.277687] Magic number: 1:252:3141
...
[ 33.337886] IPv6: ADDRCONF(NETDEV_UP): vif105.0: link is not ready
[ 43.258766] vif vif-105-0 vif105.0: Guest Rx ready
[ 43.258813] IPv6: ADDRCONF(NETDEV_CHANGE): vif105.0: link becomes ready
------------------
What am I missing? Is there something in dom0 or in the ProxyVM's start
scripts I need to configure the vif interface, so I can do some Proxyin'?
I thought I recalled creating my own ProxyVM in 3.1 to check it out, and I
*thought* the vif appeared automatically, but I could be mistaken about
that.
I did some Googling and reading of xen networking pages, but am quite lost
as to why this interface isn't showing up (other than the mentio nof
device/vif/0 in dmesg).
The Qubes networking page wasn't particularly helpful:
> Firewall and Proxy VMs
>
> TODO
:)
Thanks.
JJ
I'm on 3.2rc2-testing.
When I create a ProxyVM in either fedora23 or debian-8, eth0 shows up, but
no vif interface appears.
There are iptables entries for 10.137.4.*, so the firewall mechanism seems
to be doing (part of) it's thing, but with no vif device itself.
/proc/net/dev on my ProxyVM shows only eth0 and lo, whereas on the
sys-firewall it shows eth0, lo, and a vif interface.
dmesg (on debian-8) shows:
[ 1.257473] xenbus_probe_frontend: Device with no driver: device/vif/0
[ 1.257661] Magic number: 1:252:3141
...
But no further reference to vif. Whereas on sys-firewall, dmesg shows:
[ 1.277519] xenbus_probe_frontend: Device with no driver: device/vif/0
[ 1.277687] Magic number: 1:252:3141
...
[ 33.337886] IPv6: ADDRCONF(NETDEV_UP): vif105.0: link is not ready
[ 43.258766] vif vif-105-0 vif105.0: Guest Rx ready
[ 43.258813] IPv6: ADDRCONF(NETDEV_CHANGE): vif105.0: link becomes ready
------------------
What am I missing? Is there something in dom0 or in the ProxyVM's start
scripts I need to configure the vif interface, so I can do some Proxyin'?
I thought I recalled creating my own ProxyVM in 3.1 to check it out, and I
*thought* the vif appeared automatically, but I could be mistaken about
that.
I did some Googling and reading of xen networking pages, but am quite lost
as to why this interface isn't showing up (other than the mentio nof
device/vif/0 in dmesg).
The Qubes networking page wasn't particularly helpful:
> Firewall and Proxy VMs
>
> TODO
:)
Thanks.
JJ
Chris Laprise
Aug 22, 2016, 12:11:40 PM8/22/16
to johny...@sigaint.org, qubes...@googlegroups.com
On 08/22/2016 10:47 AM, johny...@sigaint.org wrote:
> I'm trying to create a ProxyVM of my own, to replace sys-firewall.
>
> I'm on 3.2rc2-testing.
>
> When I create a ProxyVM in either fedora23 or debian-8, eth0 shows up, but
> no vif interface appears.
>
vif interfaces appear when you connect downstream vms to the proxyvm.
> I'm trying to create a ProxyVM of my own, to replace sys-firewall.
>
> I'm on 3.2rc2-testing.
>
> When I create a ProxyVM in either fedora23 or debian-8, eth0 shows up, but
> no vif interface appears.
>
Chris
johny...@sigaint.org
Aug 22, 2016, 7:50:31 PM8/22/16
to Chris Laprise, johny...@sigaint.org, qubes...@googlegroups.com
Thanks. :)
JJ
Reply all
Reply to author
Forward
0 new messages