[Pkg-xen-devel] Bug or weird ``feature''?

Romain Tartiere romain.tartiere at healthgrid.org
Thu Jun 7 17:13:31 UTC 2007


Hi

I was experimenting with Xen(-2.0) on NetBSD last summer and I have been trying it on
Debian GNU/Linux recently. I was surprised to see that my guest OS
had no Internet connectivity. I took the Xen documentation, but did not
find any clue: the doc basically tells ``everything should work out of
the box''.

I spoke about that with a friend who had already used Xen under Debian
and he told me I had to change /etc/xen/xend-config.sxp to use the
bridge network script.

> --- xend-config.sxp.orig        2007-06-07 18:35:41.000000000 +0200
> +++ xend-config.sxp     2007-03-30 18:39:53.000000000 +0200
> @@ -83,7 +83,8 @@
>  # two fake interfaces per guest domain.  To do things like this, write
>  # yourself a wrapper script, and call network-bridge from it, as appropriate.
>  #
> -(network-script network-dummy)
> +(network-script network-bridge)
>  
>  # The script used to control virtual interfaces.  This can be overridden on a
>  # per-vif basis when creating a domain or a configuring a new vif.  The

This config file is well-commented and reading it carefully leads you to
change this according to your situation... But when you have already used
this tool, and it did what you wanted without tweaking anything, you
expect to have the same behaviour after installing...

Another reason I did not search why the network was failing in this file
is that it begins like this:

> # This example configuration is appropriate for an installation that
> # utilizes a bridged network configuration. Access to xend via http
> # is disabled.

Remembering that the following was by default a bridge creation and a
few other things I did not change when installing on NetBSD, I did not
read this configuration file further.


This experience report is to ask a question: is this ``network-dummy''
something desired or just a bug in the configuration file shipped with
the Debian package?

I use different operating systems and am therefore often confronted to
rearranged package files (for LFH compliance). But I do not remember
having ever installed a software package under Debian that did not work
like the ``official'' package shipped by the developer (I mean
installing from source).
This make me think it is a bug.
On an other hand, it can be considered as a ``security risk'' and
therefore disabled by default. Such a reason looks inconsistent to my
eyes since other software packages (ie. ssh) have some options disabled
by default (in the official source code) that are enabled by default (in
the corresponding Debian package, ie AllowRootLogin).

I just would like to understand what is happening there :)


Regards,
Romain

-- 
Romain Tartiere <romain.tartiere at healthgrid.org>     HealthGrid SysAdmin
pgp: 3BB8 9543 B4F2 3EFA 7478  0BA0 0F8D DB2D B9E4 7019 (ID: 0xB9E47019)
(plain text =non-HTML= PGP/GPG encrypted/signed e-mail much appreciated)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-xen-devel/attachments/20070607/f6e5d6d0/attachment.pgp 


More information about the Pkg-xen-devel mailing list