Infrastructure Software

I've installed oracle VM 2.2.2 and proceeded to setup a RAC system using the 11gR2 templates.
Right after network configuration I wanted to login directly using putty rather than the oracle VMM console and failed. This is when I started digging and experimenting.
Right now I have 2 virtual machines in the VMS which can ping each other and can ping the server (dom0). also, the server can ping the outside wold and the domU. But domU cannot ping outside world.

In a more graphical explanation, this looks like this:

LAN <-> dom0 (ping ok either way)
dom0 <-> domU (ping ok either way)
LAN --- domU (ping not working at all)

VM is configured with bridged networking.

I noticed others also have this problem but there is no solution yet as I could find.

I changed default xen config from
#(network-script network-bridge)
(network-script network-bridges)
to
(network-script network-bridge)
#(network-script network-bridges)

in order to also get the IP on eth0

but this didn't have any other effects as far as I can see.

intended configuration (in case something is wrong there and I'm not seeing it)

LAN:
GW: 192.168.14.1
NM: 255.255.255.0

dom0:
IP: 192.168.14.200
NM: 255.255.255.0
GW: 192.168.14.1 (so that it will go out into the internet, through the LAN default gateway)

domU:
public
IP: 192.168.14.211 (212,213,..)
NM: 255.255.255.0
GW: 192.168.14.200 (I also tried 192.168.14.1 without any luck)
private:
IP: 192.168.114.211 (212,213,..)
NM: 255.255.255.0
GW: 192.168.114.211

dom1 ping dom2 works on both public and private IPs.
dom0 ping dom1,2 works on public ip 192.168.14.x
dom0 ping GW 192.168.14.1 works fine
dom1 ping GW 192.168.14.1 fails with
From 192.168.14.211 icmp_seq=1 Destination Host Unreachable

(I would expect this reply to be coming from 192.168.14.200 which is the default GW for this subnet on domU, but maybe my networking expectations are wrong?)

dom0
# brctl show
bridge name     bridge id               STP enabled     interfaces
xenbr0          8000.000c29adc2ec       no              vif2.0
                                                        vif1.0
                                                        eth0
xenbr1          8000.000c29adc2f6       no              vif2.1
                                                        vif1.1
                                                        eth1
xenbr2          8000.000c29adc200       no              eth2

dom0
# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:EC
          inet addr:192.168.14.200  Bcast:192.168.14.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fead:c2ec/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:126127 errors:0 dropped:0 overruns:0 frame:0
          TX packets:142498 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:10134769 (9.6 MiB)  TX bytes:28014848 (26.7 MiB)
          Interrupt:17 Base address:0x2000

eth1      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:F6
          inet6 addr: fe80::20c:29ff:fead:c2f6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:53169 errors:0 dropped:0 overruns:0 frame:0
          TX packets:155 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4838223 (4.6 MiB)  TX bytes:29383 (28.6 KiB)
          Interrupt:18 Base address:0x2080

eth2      Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:00
          inet6 addr: fe80::20c:29ff:fead:c200/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:53192 errors:0 dropped:0 overruns:0 frame:0
          TX packets:103 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4843373 (4.6 MiB)  TX bytes:26844 (26.2 KiB)
          Interrupt:19 Base address:0x2400

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:38563 errors:0 dropped:0 overruns:0 frame:0
          TX packets:38563 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:7482112 (7.1 MiB)  TX bytes:7482112 (7.1 MiB)

vif1.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2364 errors:0 dropped:0 overruns:0 frame:0
          TX packets:50167 errors:0 dropped:175 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:79311 (77.4 KiB)  TX bytes:4601272 (4.3 MiB)

vif1.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:26 errors:0 dropped:0 overruns:0 frame:0
          TX packets:51483 errors:0 dropped:154 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:1160 (1.1 KiB)  TX bytes:4689578 (4.4 MiB)

vif2.0    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4222 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48378 errors:0 dropped:206 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:162754 (158.9 KiB)  TX bytes:4502583 (4.2 MiB)

vif2.1    Link encap:Ethernet  HWaddr FE:FF:FF:FF:FF:FF
          inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:30 errors:0 dropped:0 overruns:0 frame:0
          TX packets:50244 errors:0 dropped:186 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:1272 (1.2 KiB)  TX bytes:4577492 (4.3 MiB)

xenbr0    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:EC
          inet addr:192.168.14.200  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fead:c2ec/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:132361 errors:0 dropped:0 overruns:0 frame:0
          TX packets:137740 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:8584655 (8.1 MiB)  TX bytes:27843674 (26.5 MiB)

xenbr1    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:F6
          inet6 addr: fe80::20c:29ff:fead:c2f6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:52855 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:4071294 (3.8 MiB)  TX bytes:4386 (4.2 KiB)

xenbr2    Link encap:Ethernet  HWaddr 00:0C:29:AD:C2:00
          inet6 addr: fe80::20c:29ff:fead:c200/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:52721 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:4066860 (3.8 MiB)  TX bytes:4386 (4.2 KiB)

domU
# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:16:3E:06:AC:F9
          inet addr:192.168.14.211  Bcast:192.168.14.255  Mask:255.255.255.0
          inet6 addr: fe80::216:3eff:fe06:acf9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:43810 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3351 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4107179 (3.9 MiB)  TX bytes:187816 (183.4 KiB)

eth1      Link encap:Ethernet  HWaddr 00:16:3E:2F:2C:5C
          inet addr:192.168.114.211  Bcast:192.168.114.255  Mask:255.255.255.0
          inet6 addr: fe80::216:3eff:fe2f:2c5c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:44784 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4113548 (3.9 MiB)  TX bytes:888 (888.0 b)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1751 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1751 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:182759 (178.4 KiB)  TX bytes:182759 (178.4 KiB)

dom0
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 xenbr0
192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         192.168.14.1    0.0.0.0         UG    0      0        0 eth0

domU
]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.114.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         192.168.14.200  0.0.0.0         UG    0      0        0 eth0

domU

On dom0, I also tried logging in iptables, adding log target as first rule in NAT, RAW and INPUT tables, on icmp packets, no other filtering, but the pings to 192.168.14.1 don't show up at all, only to 192.168.14.200
iptraf, tcpdump don't show anything coming from 192.168.14.211 while pinging any address (.1 or .200 which is a bit weird for me since I would expect at least the .200 to show up). tcp connections show up, it's just the icmp ones that don't

I'm out of ideas on what to try so any suggestion is welcome.

Thank you.