[CentOS-virt] Can I bridge a bonded and vlan tagged interface directly to a guest?

Mon Aug 3 12:32:44 UTC 2009
David Knierim <dknierim at gmail.com>

   To set up the networking, I basically used the following document:

In this document, there is a reference to a different script for xen to use
to configure the networks.   This script works, but I made two
1) tweaked script so you could have an IP address on bond0 (untagged
traffic) and make that network accessible to the guests
2) added code so the networks could be configured with a configuration file
rather than editing the script

This is what the /etc/xen/net_bond.cfg file looks like:
# This file shows the mapping between the server interface, xen bridge and
# virtual interface.   The current code requires all three to be specified.
# bonded interface      xen bridge name         vif name
bond0.3                 xenbr0                  vif0.0
bond0.2                 xenbr1                  vif1.0
bond0.4                 xenbr2                  vif2.0
bond0.7                 xenbr3                  vif3.0
bond0.5                 xenbr4                  vif4.0
bond0.6                 xenbr5                  vif5.0
bond0                   xenbr6                  vif6.0

This is what that script looks like now:

# Usage: transfer_addrs src dst
# Copy all IP addresses (including aliases) from device $src to device $dst.
# The sed output is executed by sh, so $src and $dst must be trusted names.
transfer_addrs () {
    local src=$1
    local dst=$2
    # Don't bother if $dst already has IP addresses.
    if ip addr show dev ${dst} | egrep -q '^ *inet ' ; then
        return
    fi
    # Address lines start with 'inet' and have the device in them.
    # Replace 'inet' with 'ip addr add' and change the device name $src
    # to 'dev $dst'.
    ip addr show dev ${src} | egrep '^ *inet ' | sed -e "
s/inet/ip addr add/
s/${src}/dev ${dst}/
" | sh -e
    # Remove automatic routes on destination device
    ip route list | sed -ne "
/dev ${dst}\( \|$\)/ {
  s/^/ip route del /
  p
}" | sh -e
}

# Usage: transfer_routes src dst
# Get all IP routes to device $src, delete them, and
# add the same routes to device $dst.
# The original routes have to be deleted, otherwise adding them
# for $dst fails (duplicate routes).
transfer_routes () {
    local src=$1
    local dst=$2
    # List all routes and grep the ones with $src in.
    # Stick 'ip route del' on the front to delete.
    # Change $src to $dst and use 'ip route add' to add.
    # h/g save and restore the route line so both commands are printed (P).
    ip route list | sed -ne "
/dev ${src}\( \|$\)/ {
  h
  s/^/ip route del /
  P
  g
  s/${src}/${dst}/
  s/^/ip route add /
  P
  d
}" | sh -e
}

# Usage: create_bridge bridge
create_bridge () {
    local bridge=$1

    # Don't create the bridge if it already exists.
    if ! brctl show | grep -q ${bridge} ; then
        brctl addbr ${bridge}
        brctl stp ${bridge} off
        brctl setfd ${bridge} 0
    fi
    ip link set ${bridge} up
}

# Usage: add_to_bridge bridge dev
add_to_bridge () {
    local bridge=$1
    local dev=$2
    # Don't add $dev to $bridge if it's already on a bridge.
    if ! brctl show | grep -q ${dev}$ ; then
        brctl addif ${bridge} ${dev}
    fi
}

# Usage: show_status dev bridge
# Print ifconfig and routes.
show_status () {
    local dev=$1
    local bridge=$2

    echo '============================================================'
    ip addr show ${dev}
    ip addr show ${bridge}
    echo ' '
    brctl show ${bridge}
    echo ' '
    ip route list
    echo ' '
    route -n
    echo '============================================================'
}

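# For each "bond" row in the config file: create the bridge, attach the vif
# and the bonded interface, then move addresses and routes onto the bridge.
op_start () {
    if [ -f /etc/xen/net_bond.cfg ] ; then
        grep ^bond /etc/xen/net_bond.cfg | while read bond bridge vif
        do
                create_bridge $bridge
                add_to_bridge $bridge $vif
                add_to_bridge2 $bridge $bond

                transfer_addrs $bond $bridge
                transfer_routes $bond $bridge
        done
    fi
}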


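# For each "bond" row in the config file: move routes back to the bonded
# interface, then take the bridge down and delete it.
op_stop () {
    if [ -f /etc/xen/net_bond.cfg ] ; then
        grep ^bond /etc/xen/net_bond.cfg | while read bond bridge vif
        do
                transfer_routes $bridge $bond
                ip link set $bridge down
                brctl delbr $bridge
        done
    fi
}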

# adds $dev to $bridge but waits for $dev to be in running state first
add_to_bridge2() {
    local bridge=$1
    local dev=$2
    local maxtries=10

    echo -n "Waiting for ${dev} to negotiate link."
    for i in `seq ${maxtries}` ; do
        if ifconfig ${dev} | grep -q RUNNING ; then
            break
        else
            echo -n '.'
            sleep 1
        fi
    done

    if [ ${i} -eq ${maxtries} ] ; then echo '(link isnt in running state)' ; fi

    add_to_bridge ${bridge} ${dev}
}

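case "${1}" in
    start)
        op_start
        ;;

    stop)
        op_stop
        ;;

    status)
        # netdev and bridge are not set anywhere in the script as posted
        show_status ${netdev} ${bridge}
        ;;

    *)
        echo "Unknown command: ${1}" >&2
        echo 'Valid commands are: start, stop, status' >&2
        exit 1
esac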


On Mon, Aug 3, 2009 at 3:17 AM, Coert Waagmeester <lgroups at waagmeester.co.za> wrote:

> On Fri, 2009-07-31 at 11:08 -0400, David Knierim wrote:
> > I am running CentOS 5.3 x86_64 as my dom0 and CentOS 5.3 on my domU's.
> > On the dom0, I have two interfaces that are bonded and have tagged
> > VLANs.   I can get the networks to the domU's by creating a bridge for
> > each of the VLANS (bond0.3, bond0.4, etc).   On the domU, the
> > interfaces show up as eth0, eth1, etc.
> >
> > Is there a way to set up the network on the dom0 so my domU's see a
> > single interface with tagged VLAN support??
> >
> > Thanks!
> >    David
> > _______________________________________________
> > CentOS-virt mailing list
> > CentOS-virt at centos.org
> > http://lists.centos.org/mailman/listinfo/centos-virt
> Hello David,
> Sorry this is not an answer to your question, but how did you set up the
> bonds with xen?
> I tried doing the same, and did not win....
> Regards,
> Coert
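
Added example, not part of the original post or the poster's script: the script above splices the interface names read from /etc/xen/net_bond.cfg into sed-generated commands that are piped to sh, and passes them unquoted to brctl, so each row is worth checking before it is used. The function names and sample rows below are constructed for illustration; the check covers the same rows the script selects with `grep ^bond`.

```shell
#!/bin/sh
# Added example (not from the original post): check net_bond.cfg rows before use.

# Interface names: at most 15 bytes (IFNAMSIZ - 1), no leading '-', and only
# characters that cannot be read as shell syntax or as a command option.
valid_ifname () {
    case "$1" in ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

# bondN or bondN.VLAN, with VLAN in the usable 802.1Q range 1-4094.
valid_bond () {
    valid_ifname "$1" || return 1
    case "${1%%.*}" in bond|bond*[!0-9]*) return 1 ;; bond*) ;; *) return 1 ;; esac
    case "$1" in
        *.*) vlan=${1#*.}
             case "$vlan" in ''|*[!0-9]*) return 1 ;; esac
             [ "$vlan" -ge 1 ] && [ "$vlan" -le 4094 ] ;;
    esac
}

# Returns 0 only if every row the script would act on (lines starting with
# "bond", as selected by its grep) is well formed; problems go to stderr.
validate_net_bond_cfg () {
    errors=0 ; lineno=0 ; seen=" "
    while read -r bond bridge vif extra || [ -n "$bond" ] ; do
        lineno=$((lineno + 1)) ; msg=
        case "$bond" in bond*) ;; *) continue ;; esac
        if [ -z "$vif" ] || [ -n "$extra" ] ; then msg="expected exactly three fields"
        elif ! valid_bond "$bond" ; then msg="bad bonded interface '$bond'"
        elif ! valid_ifname "$bridge" || ! valid_ifname "$vif" ; then msg="bad bridge or vif name"
        else case "$seen" in *" $bridge "*) msg="bridge '$bridge' listed twice" ;; esac
        fi
        if [ -n "$msg" ] ; then
            echo "line $lineno: $msg" >&2 ; errors=$((errors + 1))
        else
            seen="$seen$bridge "
        fi
    done < "$1"
    [ "$errors" -eq 0 ]
}

# Constructed sample: two good rows, an out-of-range VLAN, a name with shell syntax.
sample=$(mktemp)
printf '%s\n' 'bond0.3 xenbr0 vif0.0' 'bond0 xenbr6 vif6.0' \
    'bond0.4095 xenbr1 vif1.0' 'bond0.2 xenbr2;x vif2.0' > "$sample"
validate_net_bond_cfg "$sample" || echo "net_bond.cfg rejected; not configuring bridges"
rm -f "$sample"
```

A natural place to call such a check is at the top of op_start, returning before any bridge is created if it fails.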