<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7651.59">
<TITLE>Re: [Fedora-xen] Fedora Core 8 + Xenbr0 + network bridging?</TITLE>
</HEAD>
<BODY>
<DIV id=idOWAReplyText29821 dir=ltr>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>Hi Mark:</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>Thank you very much for your response, I
did indeed read the original poster as Dale by mistake :) So what you are
saying makes perfect sense to me and sounds like exactly what we are after, I
will have 3 vlans to bridge myself ultimately. My next question is the
relative merits of RHEL5.1 as compared to Fedora 8. Obviously I would
prefer the stable enterprise release rather than bleeding edge Fedora,
but has fully virtualized windows performance been fixed in this
release? At any rate I am looking forward to getting this up and running
tomorrow!</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>/Christian</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV></DIV>
<DIV dir=ltr><BR>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> Mark Nielsen
[mailto:mnielsen@redhat.com]<BR><B>Sent:</B> Sat 12/1/2007 3:19 PM<BR><B>To:</B>
Christian Lahti<BR><B>Subject:</B> Re: [Fedora-xen] Fedora Core 8 + Xenbr0 +
network bridging?<BR></FONT><BR></DIV>
<DIV>
<P><FONT size=2>hmm, did you mean "Hi Mark" ??<BR><BR>I have 8 Dell 2950s
running RHEL 5.1 (new libvirt with that funky NAT<BR>they added). I have 4 NICs
in each; 2 copper, 2 fiber. I bond the 2<BR>copper (eth0 and eth1) and call it
bond0. bond0 carries my "private" IP<BR>for cluster suite communications on the
dom0 (physical) cluster.<BR><BR>Then I bond eth2 and eth3 (fiber) in to bond1. I
lay down the public<BR>network for the dom0 cluster on bond1.100 (for example,
that would be<BR>VLAN 100). I also add many (up to 10 or so now) VLANs on
bond1<BR>(bond1.20, bond1.21, bond1.22, etc). Then I create xen bridges to
each<BR>of these bond/VLAN devices. This allows me to put any particular VM
on<BR>any particular (or combination up to 3) of these xen bridged bonded
VLAN<BR>device.<BR><BR>My document explains, in detail, how to do all of this :)
The only added<BR>step is that I have to "undefine" (virsh net-undefine default)
the<BR>default network that the new libvirt creates (virbr0). Even with
this<BR>new NAT thing they added, I've been told (by our devs) that
the<BR>preferred way to do static network configurations is with the method
I<BR>lay out. NAT is more for dynamic networks (cable modems, dial-up,
wifi,<BR>etc).<BR><BR>I'm pretty sure there weren't any significant changes in
Fedora 8 (we've<BR>dropped the word "core" now, btw) that don't exist in RHEL
5.1 with<BR>respects to the network. 5.0 -> 5.1 is when that NAT change came
down<BR>the pipe.<BR><BR>Mark<BR><BR>p.s. I'm happy to answer any other
questions you may have about my<BR>document. I'm quite certain that, if you
follow it, you'll have what<BR>you're looking for.<BR><BR>Christian Lahti
wrote:<BR>> Hi Dale:<BR>> <BR>> I work with David who posted the
original question to the mailing<BR>> list. I think we need to give a
bit more background info on what we<BR>> are trying to do. We are
running a mixed environment of mostly CentOS<BR>> 3, 4and 5, we do have a few
windows servers and XP systems as well. <BR>> We are looking to
virtualize all these platforms. Normally we have a<BR>> bonded pair of
NICs for the physical hosts, we were able to get this<BR>> running using
CentOS 5 x86_64 with no problems, the guest machines use<BR>> the bonded pair
in bridged mode as expected after a bit of tweaking. <BR>> The biggest
issue we found with EL5 is that windows guest performace<BR>> is dismal at
best, hence our decision to have a look at Fedora Core 8<BR>> x86_64. I
am happy to report that performance for all of our guest<BR>> platforms is
*very* good with FC8, but it seems that libvirt changed<BR>> the way
networking is setup for Xen. The default NAT configuration is<BR>>
pretty useless for production server environment. Thanks to the<BR>>
mailing list we are now able to bridge a single NIC on FC8 (like eth0<BR>>
for example), but we cannot figure out how to get a bridge for bond0<BR>>
(comprised of eth0 and eth1) defined and available to Xen. All the<BR>>
tweaks that worked find on EL5 have not worked so far on FC8. I am<BR>>
going to review your document tomorrow and give it a try, but any idea<BR>>
on whether your methodology will work on FC8 and libvirt? I am<BR>>
willing to blow a Sunday to get this worked out once and for all
:)<BR>> <BR>> Basically we are after good performance on both para
and fully<BR>> virtualized guests using a bonded pair of GB NICs for speed
and<BR>> redundancy. If this can be achieved with enterprise linux then
that<BR>> would be preferable, but we will go FC8 if the bonding thing can
be<BR>> sorted out. By the way Xensource 4.x looks to be a respin of
RHEL5<BR>> and has pretty good performance but their free version is limited
to<BR>> 32bit (and hence 4GB ram). Adding the clustering failover is
the next<BR>> step of course :)<BR>> <BR>> Thanks again for the
help so far.<BR>> <BR>>
/Christian<BR>> <BR>> <BR>> <BR>>
>>>>>>>>>>><BR>> just FYI for the list, I
have a how-to for a bonded and VLAN tagged network.<BR>><BR>> <A
href="http://www.certifried.com">http://www.certifried.com</A><BR>><BR>>
ODT and PDF formats available.<BR>><BR>> <BR>> It might not
be the best way, but I've sent it out to my colleagues<BR>> several times and
have never received any negative feedback.<BR>>
Mark<BR>><BR>><BR>><BR>> Dale Bewley
wrote:<BR>> <BR>><BR>> I haven't
done bonding, but you should be able to bond them and then compose a bridge on
top of this bonded device I would think.<BR>><BR>>
--<BR>> Dale Bewley - Unix Administrator - Shields
Library - UC Davis<BR>> GPG: 0xB098A0F3 0D5A 9AEB
43F4 F84C 7EFD 1753 064D 2583 B098
A0F3<BR>><BR>> --<BR>>
Fedora-xen mailing list<BR>> Fedora-xen redhat
com<BR>> <A
href="https://www.redhat.com/mailman/listinfo/fedora-xen">https://www.redhat.com/mailman/listinfo/fedora-xen</A><BR>> <BR>><BR>>
****************************************************************************<BR>>
Checked by MailWasher server (www.Firetrust.com)<BR>> WARNING. No FirstAlert
account found.<BR>> To reduce spam further activate FirstAlert.<BR>> This
message can be removed by purchasing a FirstAlert Account.<BR>>
****************************************************************************<BR>><BR>>
------------------------------------------------------------------------<BR>><BR>>
--<BR>> Fedora-xen mailing list<BR>> Fedora-xen@redhat.com<BR>> <A
href="https://www.redhat.com/mailman/listinfo/fedora-xen">https://www.redhat.com/mailman/listinfo/fedora-xen</A><BR>> <BR></FONT></P></DIV>
</BODY>
</HTML>