community.riocities.com

An Alpine Linux XEN network driver domU

Basic Setup of Alpine Linux XEN domU

Guide to configure an basic XEN domU based on Alpine 3.16 and then setting it up as a network driver domain As Dom0 we use Alpine Dom0 V3.15. But please make sure to upgrade that to 3.16 as well.

To do this it prefered to have this type of HW: - Server with vt-d (or amd iommu) and unused NICs or NICs with virtual function support

If you do not have HW like that you can have the dom0 provide the network driver domain with a virtual nic instead, and you will be fine with the -virt kernel flavour (see see below).

Basic configuration

Preparation

NOTE You can most probably skip swap!

Memory we need 512MB Recommended minimum rootfs size is 4GB for a simple network driver domain, this is due to that full xen must be installed in the domU, and allows you space to use linux-lts and lots of firmware.

If you are tight on space and are only going to run the linux-virt kernel (you will probably need vf-function NICs for this) 1 to 2 GB will be enough, and also 256MB of ram will be fine.

NOTE -virt or -lts kernel Bear in mind that if you are going to do physical devices passthrough, you will need to use the -lts kernel. So, in that case, skip the section on changing the kernel to -virt in basic domU installation below.

Install basic domU

Perform an initial installation of a Alpine basic domU

Configure the domU as network driver domain

Package installation in domU

Install the needed packages for the domU to act as a network driver domain

# apk add bridge xen

Enable xl devd

In order for the network driver domain to handle network device plugging when other domUs needing the driver domain starts the xl devd service must be running

# rc-update add xendriverdomain boot
# service xendriverdomain start
# etckeeper commit -m "start xendriverdomain at boot"

network setup for each network

Configuration in driver domain

The network driver domain handles networking for other domUs instead of the dom0, hence the bridge devices is setup in the driver domain instead of in dom0.

Example configuration for a network to be used by a domU, this configuration is added in /etc/network/interfaces in the network driver domain domU.

auto br_<domU-name>
iface br_<domU-name> inet static
        bridge_ports    none
        bridge_stp      off
        bridge_maxwait  0
        bridge_fd       0
        address 192.168.14.1
        netmask 255.255.255.0

# etckeeper commit -m "Added bridge network to interfaces"

Forward IPv4 packets

# echo "## Enable IPv4 packet forwarding" >> /etc/sysctl.d/local.conf
# echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.d/local.conf
# sysctl -p /etc/sysctl.d/local.conf
# etckeeper commit -m "Forward IPv4 packets"

Ensure vif-bridge starts at Boot

# cat << 'EOF' > /etc/local.d/vif-bridge.start
#!/bin/sh -e

# Handle vif bridges added before xl devd was started

# xs is sometimes not responsive during boot
test_xs() {
        # xenstore-read backend/vif/27/0/bridge
        for i in $(seq 1 5)
        do
                xenstore-read $1/bridge > /dev/null && return ||
                sleep 2
        done
}

if [ ! -e "/proc/xen/capabilities" ]; then
        mount -t xenfs xenfs /proc/xen || exit 1
fi

export SUBSYSTEM=xen-backend
export DRIVER=vif
export XENBUS_TYPE=vif
export ACTION=online
export XENBUS_BASE_PATH=backend

for vif in $(ifconfig -a | awk '/^vif/ {print $1}' | tr -d :)
do
        # vif=vif18.0 XENBUS_PATH=backend/vif/18/0  /etc/xen/scripts/vif-bridge online
        x=$(echo $vif | sed 's/^vif//' | sed 's/.[0-9]$//')
        y=$(echo $vif | sed 's/^vif[0-9]*\.//')
        export DEVPATH=/devices/vif-$x-$y
        export XENBUS_PATH=backend/vif/$x/$y
        export vif=$vif
        test_xs $XENBUS_PATH
        /etc/xen/scripts/vif-bridge online
done

exit 0
EOF

And we need to make the file executable, as well as start local at boot.

# chmod a+x /etc/local.d/vif-bridge.start
# rc-update add local
# etckeeper commit -m "Added vif-bridge.start"

Configuration in dom0

The vif lines in xl.cfg only needs a slight modification to use the driver domain.

Networking provided by dom0

vif         = [ 'ip=192.168.14.10, mac=00:16:3E:XX:YY:ZZ, bridge=br_<domU-name>, backend=int-fw' ]

Networking provided by network driver domain

vif         = [ 'ip=192.168.14.10, mac=00:16:3E:XX:YY:ZZ, bridge=br_<domU-name>, backend=<network driver domain name>' ]

That's all there is needed to get the networking out of dom0.

Published

Author

henrik, bengt

Category

HOWTOs

Tags