OS13.1+Xen:Network Setup Question.

OK, I am setting up an OpenSuse 13.1 based VM/File server.
Supermicro SC846 – 24 Bay (from TAMs)
Motherboard: H8DME-2 Updated BIOS to v3.5
CPU :2 AMD Opteron Hex Core 2431 @ 2.4Ghz for total of 12 cores
RAM : 56 GB
IPMI Card: Kira 100
3 SAT2-MV8 PCI-X Raid cards
2 on board Gigabit NIC
1 Intel Pro Dual port PCI-X
Total 4 NIC ports.

So, the question(s) is how do I set up my NIC ports.
I use ifup; is there any reason to use Network Manager?
This is also a VM server, so a bridge setup is needed. Not sure if you can use xenbridge(s) with Network Manager.

What I have right now is:
The current network is 192.168.1.xxx based.
Router is

All interfaces are connected to the 24-port Netgear switch (simple, not managed).

Each NIC is assigned a hardware ID as follows:

NIC1 – enp8s0 → on-board NIC, also the primary LAN interface for the server, used for ssh access and otherwise external connections to the server from the home LAN.
static IP 192…20
HostName “Atlas”
domain “myhome.lan”

NIC2 – enp9s0 → second on-board NIC, not used for anything. If not needed, I am thinking of doing NIC teaming with the primary for a speed increase. Right now it is connected and set up as DHCP.

External Intel Pro card ports, not used at all. The plan is to use them for the Sophos UTM VM as the WAN and LAN interfaces for the UTM.
NIC3 – enp6s0
NIC4 – enp6s1

My issues currently:

After setting up and booting with Xen 4.3, the primary bridge (br0) is created using NIC1 (enp8s0).

The NIC config changes to ( and all the settings (host name, domain, IP etc.) are moved to br0. This works, as I have access to the internet and can see the server on the network as well, no issues.

But when I set up bridges for the rest of the interfaces, they do not work.
I mean I see the connections in the task bar, but they are showing limited connectivity.
What gives?
How would I go about setting up the connections so I can use them for the UTM VM, for example?
Any help would be appreciated.

The basic idea here would be to:
a. Connect NIC1 – enp8s0 to the switch so it provides basic all-around connectivity for the server. This works.
b. Connect NIC3 – enp6s0 to the switch and assign it to the UTM VM as eth0-LAN.
Connect NIC4 – enp6s1 to the cable modem (internet) and assign it to the UTM VM as eth1-WAN.

If these NICs will only be used by the UTM VM, do I need the bridges for them?
Currently I create a bridge for each NIC I have, thus bridges br2 and br3 are for NIC3 and NIC4 respectively, but this does not seem to work, as the UTM has no connectivity whatsoever.

NIC2 is not used at all, so not too important at the moment…

It is a bit hard to follow your exact setup in detail, at least for me, because you reference virtual and physical devices interchangeably.

I would make the following suggestions…

If every Guest is connecting to the same LAN, then they should all use the same Linux Bridge device (br0). Because of the nature of how Ethernet works, unless you do something extraordinary there is no benefit to assigning any Guest to a different virtual (and the underlying physical) adapter.

You can use or not use Network Manager for wired connections; it’s probably more a matter of style or taste. Network Manager provides better management when connecting to diverse networks, which doesn’t appear to be what your scenario requires.


I am sorry, but I am not sure what gave you the idea that I am referring to physical and virtual devices interchangeably. At the moment I practically have only physical devices and am trying to build out the VMs as needed. But let me try to clarify things a bit.

#1. My HOST server (aka Atlas) has 4 physical network interfaces: 2 on-board (i.e. motherboard ports)
and 2 via the PCI-X Intel dual port card.
I refer to the on-board ones as NIC1 and NIC2, and the PCI card ones as NIC3 and NIC4.
Each of the interfaces is given a device name by openSUSE according to the bus ID and device ID in the system.
NIC1 – enp8s0 and NIC2 – enp9s0
NIC3 – enp6s0 and NIC4 – enp6s1

So if that is what you mean by me referring to virtual and physical devices interchangeably, this should clarify what I have in the HOST system physically.

Now, because I run Xen on the HOST system, I have a bridge defined (br0) that is linked to physical NIC1,
and it is the main LAN connection for the HOST.
NIC2 is currently unused, and I am thinking that I just might do NIC teaming on NIC1 and NIC2 to speed up the connection to the server and give all my VMs better bandwidth.

Now the difficult part.

I want to run a router/firewall as a VM (currently reviewing Sophos UTM (formerly Astaro) and pfSense).
For that I need to give this particular VM full and sole access to at least 2 NICs, thus I want to use the interfaces on the expansion card for that. One interface will be the WAN and connected to the modem, and the second will be the LAN, connecting the VM to the main LAN and passing the traffic to/from the Internet, just like a real router/firewall.

What I am asking is how to set up these 2 cards properly so I can pass them to the router VM and have that work.

I tried setting up 2 bridge interfaces, br2 and br3, for NIC3 and NIC4 respectively, and adding these to the VM. The bridges are accepted as NICs by the VM, but no traffic seems to go through.
I cannot even connect to the VM using the IP that was set up during install.
Also, if I set up NIC3 as the LAN interface for the VM and use a static IP on the HOST system, the VM OS asks me to provide its own static IP and boots to it, but neither one is reachable from the network.

For example:
On the HOST system I set up a bridge (br2) to be used as the LAN interface in the UTM VM.
I set its IP and linked it to physical NIC3.
I set up a bridge (br3) to be used as the WAN interface in the UTM VM
and made it DHCP.

The UTM during initial setup asks which NIC (it internally uses eth0 and eth1, as in the old-style naming convention) is to be used for the LAN and management interface, and I say to use eth0, which is the representation of host.br2.
It asks for the IP (must be static, as it will be used as the main gateway when all of the network is connected to the UTM). I provide the IP, let's say

After all of the install and initial setup I have a functional UTM VM running and telling me that I have to use the LAN IP for further management and configuration, but I cannot get to the IP from any of the machines, not even the HOST system. Neither the 41 nor the 30 IP is reachable.
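
A host-side check for the symptom described in this thread (bridges accepted by the guest but no traffic passing), added here as an example and not taken from any poster. It reports, per bridge, whether both a physical NIC and a guest interface are actually enslaved. The function names, the script name `bridge-check.sh` and the optional mock-directory argument are hypothetical, and the script assumes Xen's default `vif<domid>.<devid>` / `tap*` backend names.

```shell
#!/bin/sh
# Added example: classify what is enslaved to a Linux bridge on a Xen dom0.
# Assumption: guest backends use the default names vif<domid>.<devid> or tap*.

# bridge_ports BRIDGE [NETDIR]: print one enslaved port name per line.
# NETDIR defaults to /sys/class/net; a mock directory can be passed instead.
bridge_ports() {
    br=$1; root=${2:-/sys/class/net}
    [ -d "$root/$br/brif" ] || return 1      # not a bridge, or does not exist
    for p in "$root/$br/brif"/*; do
        [ -e "$p" ] && basename "$p"
    done
    return 0
}

# bridge_status BRIDGE [NETDIR]: print one word describing the bridge:
#   missing    no such bridge
#   empty      bridge exists but has no ports
#   no-uplink  guest vif(s) attached, but no physical NIC enslaved
#   no-guest   physical NIC enslaved, but no guest vif attached
#   ok         at least one physical NIC and one guest vif
bridge_status() {
    br=$1; root=${2:-/sys/class/net}
    ports=$(bridge_ports "$br" "$root") || { echo missing; return 0; }
    phys=0; guest=0
    for p in $ports; do
        case $p in
            vif*|tap*) guest=$((guest + 1)) ;;
            *)         phys=$((phys + 1)) ;;
        esac
    done
    if   [ "$phys" -eq 0 ] && [ "$guest" -eq 0 ]; then echo empty
    elif [ "$phys" -eq 0 ]; then echo no-uplink
    elif [ "$guest" -eq 0 ]; then echo no-guest
    else echo ok
    fi
}

# Usage: sh bridge-check.sh br0 br2 br3   (run on the host while the guest is up)
for b in "$@"; do
    printf '%s: %s (%s)\n' "$b" "$(bridge_status "$b")" \
        "$(bridge_ports "$b" | tr '\n' ' ')"
done
```

An `ok` result only confirms layer-2 membership; addressing inside the guest and on the host bridge still has to be checked separately.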