Routing eth0 <-> tap0



On an AMD Opteron I have a 64-bit host system running Linux
2.6.14.3 and a User Mode Linux, kernel 2.6.14.3, running in 32-bit mode.
So far I have not managed to connect the UML to the outside
world. Both have public IP addresses: 212.227.101.47 (host)
and 217.160.17.189 (UML). In addition, iptables/ebtables
ensure that only packets with one of the two IPs and the
MAC address of eth0 leave the system.

The UML can be pinged from the host and vice versa, but no communication
takes place between tap0 and eth0: according to tcpdump, pings from
outside end at eth0, and pings from the UML to the outside only get as far as tap0.

What am I doing wrong?

--------- Host configuration ----------------------
host:~# ip addr ls
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:30:05:b9:1b:59 brd ff:ff:ff:ff:ff:ff
inet 212.227.101.47/32 brd 212.227.101.47 scope global eth0
3: tap0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:ff:ae:2e:87:4a brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global tap0

host:~# ip route ls
217.160.17.189 via 192.168.1.1 dev tap0 scope link
10.255.255.1 dev eth0 scope link
192.168.1.0/24 dev tap0 proto kernel scope link src 192.168.1.1
default via 10.255.255.1 dev eth0

host:~# cat /proc/sys/net/ipv4/ip_forward
1
host:~# grep "" /proc/sys/net/ipv4/conf/{eth0,tap0}/forwarding
/proc/sys/net/ipv4/conf/eth0/forwarding:1
/proc/sys/net/ipv4/conf/tap0/forwarding:1

host:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- uml anywhere
ACCEPT all -- host anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

host:~# ebtables -L
Bridge table: filter

Bridge chain: INPUT, entries: 0, policy: ACCEPT

Bridge chain: FORWARD, entries: 3, policy: ACCEPT
-s 0:30:5:b9:1b:59 -j ACCEPT
-j DROP

Bridge chain: OUTPUT, entries: 0, policy: ACCEPT


--------- UML configuration ----------------------
uml:~# ifconfig
eth0 Link encap:Ethernet HWaddr FE:FD:D9:A0:11:BD
inet addr:217.160.17.189 Bcast:217.160.17.189 Mask:255.255.255.255
inet6 addr: fe80::fcfd:d9ff:fea0:11bd/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:39 errors:0 dropped:0 overruns:0 frame:0
TX packets:35 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3917 (3.8 KiB) TX bytes:4407 (4.3 KiB)
Interrupt:5

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

uml:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
--
bli