From owner-freebsd-xen@FreeBSD.ORG Fri Sep 12 12:50:27 2014 Return-Path: Delivered-To: freebsd-xen@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AC6EB133 for ; Fri, 12 Sep 2014 12:50:27 +0000 (UTC) Received: from mail.claresco.hr (zid.claresco.hr [89.201.163.42]) by mx1.freebsd.org (Postfix) with ESMTP id 5FDE9BA7 for ; Fri, 12 Sep 2014 12:50:26 +0000 (UTC) Received: from mail.claresco.hr (localhost [127.0.0.1]) by mail.claresco.hr (Postfix) with ESMTP id A196A2ADFCC for ; Fri, 12 Sep 2014 14:50:23 +0200 (CEST) Received: from arch.perpetuum.hr.claresco.hr (unknown [213.191.141.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.claresco.hr (Postfix) with ESMTPSA id 728792ADF95 for ; Fri, 12 Sep 2014 14:50:23 +0200 (CEST) From: Marko Lerota To: FreeBSD XEN Subject: Re: Routing/NAT problem on Xenserver 6.2 with virtual firewall In-Reply-To: <9864A2A7BE97EB706ED0FC04@Mail-PC.tdx.co.uk> (Karl Pielorz's message of "Fri, 12 Sep 2014 11:42:45 +0100") Organization: *BSD Users - Fanatics Dept. References: <86k359p1qm.fsf@arch.perpetuum.hr> <9864A2A7BE97EB706ED0FC04@Mail-PC.tdx.co.uk> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux) Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAJFBMVEWgnbRLVpRNVY9jMRPh s21jSlEyNVX45Mv4zI+sbUclFAtMVpT8V0lFAAACZ0lEQVR4nG3Tv2vbQBQHcFMogWyeNeVK BLXGl5j6xnABOaNTuXFGmWpwtw519yj4soW6AatT4GKD3+aDZrl/rt/Tr9qlGiz7Pn7v3bsf HVc/NrIiSfElqH53GgijcCqzk/+AmBF5cN0DsFlIRGMh/oHuqxkTM6VlzB4EoZEs2aSZOASb EQJYZpweQshE697GTDndBXtgp9LIT9+OpDGHEfb9knk+nx+jfN1JCVZMCl6XwFm0a2EXztZD 3s4fj47ZbKI2VeBmJImeEfGLJ+M9sDPilX7IB5rN6sdfcGhuoHU+LC4nxfnI7YOJtdb95Gb+ fbgJ2uJ2ZgaA++f5ZzBqNCCYfMTd5q0BfBVNqm7I8gUjQ+YtXotRW6PH9AEj+dKs/KuNQAl5 o/NY+QkonW8aQAl0oXMYPvRiXIM4pRJifbXytnhTA8alBx/jefG2ar3DBlt34/PXz9M+nMVN iNaPUdCApJc2ItejOmLGoK1qQLV9pJmXBnL10DYoBA5aHNfj8ZNwZa5O4CzgTJeilKJmrQJs IHIt1/7/Sg2p3iq/Hz0/5W05rq4M9aN2B5FLohUP4ylVyfxhEIjAs8J4PhIJ9U+CEroogib5 BXAf7bB4vkfAzgPFt1tM9sJZAOH+lCexhwswuNtim4QTZdokqo4o89LkH7V6iFxICeqfp+Wh fmUuGPunLj2Meti6Cn4DjJ/UReROqR+aqawAi/JkfgKE64rrfkhjU8MtT8ivR4S5n6Yo08A7 HvgAlHDWRSGlNSDxwK9HtXy4FS2I60EdUIJM+Ut9OZNJG4CpbEQW1VBQoQoPuBw2EVa4P0u0 TgzQF+VoAAAAAElFTkSuQmCC Date: Fri, 12 Sep 2014 14:50:22 +0200 Message-ID: <86fvfxove9.fsf@arch.perpetuum.hr> MIME-Version: 1.0 Content-Type: text/plain X-Virus-Scanned: ClamAV using ClamSMTP X-BeenThere: freebsd-xen@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Discussion of the freebsd port to xen - implementation and usage List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2014 12:50:27 -0000 Karl Pielorz writes: > This is a known bug - see: > > > > It's also an absolute PITA :( - It also affects DHCP (as I found out a > while ago). > > I'd love to look at this further - but I don't have enough knowledge > about either Xen or how the 'netfront' code is handled, and have been > unable to find anyone either interested enough to look - or with the > time to look :-( > > You're more than welcome to add a '/me too' to the PR :) Thanks Karl. It may be something that is 'easy' to fix. ICMP traffic already goes through. So why not just add TCP/UDP in the code :-) It would be a shame that I have to use Iptables again. Any of the free DEVs are listening? I'm buying a beer :-). -- Marko Lerota Sent from my GNU Emacs/Gnus Mailer