Just an update on this, when I add x.x.136.105 to the domU, and ran nmap on that IP, the IRC ports are open, so that confirms my "theory" - this is then a routing issue between the dom0 & domU, right? But how do I fix it?
On 8/10/08, rudiahlers@gmail.com rudiahlers@gmail.com wrote:
Hey Kai,
I just made an interesting discovery. As I said in my previous post, the domU is running on a different subnet from the dom0 - and although the traffic from the dom0 to the domU doesn't travel via a switch, it does seem like this is causing a problem
The dom0 is on x.x.136.110/27 (x.x.136.97 = default gw) and the domU is on x.x.136.55/27 (x.x.136.33 = default gw) The subnet mask on both are 255.255.255.224
The server connects to a switch, and then to a firewall on the internet. The network firewall itself has 4 WAN ports, and 4 different subnets. For a fact, I know I can't communicate with a host from one subnet, to a host on another subnet, since the network firewall doesn't allow it.
So, I have a feeling this affect the networking on the Xen server as well, even if I take the network firewall out of the picture.
How do I work with a XEN domU on a different subnet than the XEN dom0?
On 8/10/08, Kai Schaetzl maillists@conactive.com wrote:
Rudiahlers@gmail.com wrote on Sun, 10 Aug 2008 14:11:06 +0200:
443/tcp closed https
sorry, I dind't look close enough. "closed", of course, means closed ;-)
Did you disable firewall for testing on *every* host that is involved (e.g. on the hosts you try to access/run nmap from), including the gateway? Is this the only IRC service you have running? I'd rather guess you don't have a xen problem, but simply block that port somewhere on the way, and be it on your gateway. Running tcpdump on every involved host may help.
Kai
-- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
--
Kind Regards Rudi Ahlers