Best way to get IP addresses from VMs without logging in to them?

Best way to get IP addresses from VMs without logging in to them?

[Russ Pavlicek]

I have been working on an "on-ramp" application to introduce new
people to Xen Project (more on that later), when I ran into a simple
scenario which seems to lack a simple solution:

When I start up a new VM which employs DHCP, how can I
programmatically determine what IP address it obtained?

When I look at the Wiki, I find the following reference:

http://wiki.xenproject.org/wiki/Xen_FAQ_Networking#IP_Determination

Which suggests using tcpdump for sniffing out packets relating to a
known MAC address.  But that depends on traffic flow from VM, which
could be time consuming if the machine happens to be idle.

I devised the following bash script which uses nmap to determine the
correlation of MAC address to IPv4 address in a Class C network with a
known subnet root:

# Use nmap to find the IP of the MAC address:
ADDRLINE=`nmap -sn $IPROOT.1-254 | egrep -i $MACADDR -B 3 | egrep $IPROOT`
IPADDR=${ADDRLINE#*(}
ADDRLINE=${IPADDR%)*}

It works, but it is clunky (and currently limited to Class C networks).

Is there a better way to programmatically do this?  If so, we need to
document it in the Wiki (and I'd be glad to work on that).  But how
can we do this simply?

Thanks,

Russ

Re: Best way to get IP addresses from VMs without logging in to them?

[Ian Campbell]

On Wed, 2014-06-11 at 12:32 -0400, Russ Pavlicek wrote:
> I have been working on an "on-ramp" application to introduce new
> people to Xen Project (more on that later), when I ran into a simple
> scenario which seems to lack a simple solution:
> 
> When I start up a new VM which employs DHCP, how can I
> programmatically determine what IP address it obtained?
> 
> When I look at the Wiki, I find the following reference:
> 
> http://wiki.xenproject.org/wiki/Xen_FAQ_Networking#IP_Determination
> 
> Which suggests using tcpdump for sniffing out packets relating to a
> known MAC address.  But that depends on traffic flow from VM, which
> could be time consuming if the machine happens to be idle.

If the machine is using DHCP then you should be able to observe the DHCP
requests and responses, which contain the IP address. I think Xenrt does
something around parsing the tcpdump output of that happening, but I'm
not sure of the details.

Ian.

Re: Best way to get IP addresses from VMs without logging in to them?

[Andy Smith]

Hello,

On Wed, Jun 11, 2014 at 12:32:50PM -0400, Russ Pavlicek wrote:
> Is there a better way to programmatically do this?  If so, we need to
> document it in the Wiki (and I'd be glad to work on that).  But how
> can we do this simply?

I'd rather route only the (blocks of) IPs that I want the VM to have
to the VM, not let them set any they like. That way I know what they
have (because I routed it to them) and I know they can only use what
they were given.

If I had to use DHCP though, I'd be using the DHCP logs for the
MAC/IP mapping.

Sniffing traffic would be my last resort.

I don't *think* that Xen has any way to know what interfaces are
configured on the domU end of a vif.

Cheers,
Andy

Re: Best way to get IP addresses from VMs without logging in to them?

[Ian Campbell]

On Wed, 2014-06-11 at 16:40 +0000, Andy Smith wrote:
> Hello,
> 
> On Wed, Jun 11, 2014 at 12:32:50PM -0400, Russ Pavlicek wrote:
> > Is there a better way to programmatically do this?  If so, we need to
> > document it in the Wiki (and I'd be glad to work on that).  But how
> > can we do this simply?
> 
> I'd rather route only the (blocks of) IPs that I want the VM to have
> to the VM, not let them set any they like. That way I know what they
> have (because I routed it to them) and I know they can only use what
> they were given.
> 
> If I had to use DHCP though, I'd be using the DHCP logs for the
> MAC/IP mapping.
> 
> Sniffing traffic would be my last resort.

I agree with your prioritisation of these techniques ;-)

> I don't *think* that Xen has any way to know what interfaces are
> configured on the domU end of a vif.

In the absence of a guest agent of some sort it doesn't.

Ian.

Re: Best way to get IP addresses from VMs without logging in to them?

[Andrew Cooper]

On 11/06/14 17:38, Ian Campbell wrote:
> On Wed, 2014-06-11 at 12:32 -0400, Russ Pavlicek wrote:
>> I have been working on an "on-ramp" application to introduce new
>> people to Xen Project (more on that later), when I ran into a simple
>> scenario which seems to lack a simple solution:
>>
>> When I start up a new VM which employs DHCP, how can I
>> programmatically determine what IP address it obtained?
>>
>> When I look at the Wiki, I find the following reference:
>>
>> http://wiki.xenproject.org/wiki/Xen_FAQ_Networking#IP_Determination
>>
>> Which suggests using tcpdump for sniffing out packets relating to a
>> known MAC address.  But that depends on traffic flow from VM, which
>> could be time consuming if the machine happens to be idle.
> If the machine is using DHCP then you should be able to observe the DHCP
> requests and responses, which contain the IP address. I think Xenrt does
> something around parsing the tcpdump output of that happening, but I'm
> not sure of the details.
>
> Ian.

I believe XenRT snoops ARP and DHCP packets from dom0 using tcpdump, but
also controls the DHCP server itself.

XenServer also has the guest tools package.  This is a small daemon
running in the guest which, amongst other things, writes
/local/domain/$DOMID/attr/eth$N/ip/$DETAILS which is then consumed by
monitoring tools in dom0.

~Andrew

Re: Best way to get IP addresses from VMs without logging in to them?

[Russ Pavlicek]

Ian,

The tcpdump route is probably in line with the process in the Wiki.
Still seems like a really awkward solution to me.

Andrew,

Using ARP or the DHCP logs on a machine which runs the DHCP server is
definitely simpler, but it doesn't apply in my case unfortunately.
I've used solutions like the daemon you describe in the past, but I
was hoping not to have to go that way.

There isn't any way to execute a command over the Xen console
interface is there?  Or query some table from the bridge without
sniffing packets?  I was hoping there would be some way to query for
the value, instead of sniffing for one, especially when the virtual
network wire has to know what IPs are assigned where.

Thanks,

Russ

On Wed, Jun 11, 2014 at 12:49 PM, Andrew Cooper
<andrew.cooper3@citrix.com> wrote:
> On 11/06/14 17:38, Ian Campbell wrote:
>> On Wed, 2014-06-11 at 12:32 -0400, Russ Pavlicek wrote:
>>> I have been working on an "on-ramp" application to introduce new
>>> people to Xen Project (more on that later), when I ran into a simple
>>> scenario which seems to lack a simple solution:
>>>
>>> When I start up a new VM which employs DHCP, how can I
>>> programmatically determine what IP address it obtained?
>>>
>>> When I look at the Wiki, I find the following reference:
>>>
>>> http://wiki.xenproject.org/wiki/Xen_FAQ_Networking#IP_Determination
>>>
>>> Which suggests using tcpdump for sniffing out packets relating to a
>>> known MAC address.  But that depends on traffic flow from VM, which
>>> could be time consuming if the machine happens to be idle.
>> If the machine is using DHCP then you should be able to observe the DHCP
>> requests and responses, which contain the IP address. I think Xenrt does
>> something around parsing the tcpdump output of that happening, but I'm
>> not sure of the details.
>>
>> Ian.
>
> I believe XenRT snoops ARP and DHCP packets from dom0 using tcpdump, but
> also controls the DHCP server itself.
>
> XenServer also has the guest tools package.  This is a small daemon
> running in the guest which, amongst other things, writes
> /local/domain/$DOMID/attr/eth$N/ip/$DETAILS which is then consumed by
> monitoring tools in dom0.
>
> ~Andrew

Re: Best way to get IP addresses from VMs without logging in to them?

[Andrew Cooper]

On 11/06/14 18:47, Russ Pavlicek wrote:
> Ian,
>
> The tcpdump route is probably in line with the process in the Wiki.
> Still seems like a really awkward solution to me.
>
> Andrew,
>
> Using ARP or the DHCP logs on a machine which runs the DHCP server is
> definitely simpler, but it doesn't apply in my case unfortunately.
> I've used solutions like the daemon you describe in the past, but I
> was hoping not to have to go that way.

ARP and DHCP sniffing is done in dom0.

>
> There isn't any way to execute a command over the Xen console
> interface is there?

No - Xen has no knowledge of networking.  I assume you actually mean dom0.

>   Or query some table from the bridge without
> sniffing packets?  I was hoping there would be some way to query for
> the value, instead of sniffing for one, especially when the virtual
> network wire has to know what IPs are assigned where.

Without cooperation from the guest, something somewhere needs to sniff
for the information.

While the simple case is easy, the general case is not.  The network
setup on the other end of the vif can be arbitrarily complicated with
multiple IP addresses, vlans or bonds.  There are also setups with
multiple vifs.

~Andrew

Re: Best way to get IP addresses from VMs without logging in to them?

[Ian Campbell]

On Wed, 2014-06-11 at 13:47 -0400, Russ Pavlicek wrote:
> the virtual
> network wire has to know what IPs are assigned where.

The virtual network "wire" only knows about MAC addresses, not IP
addresses.

Ian.

Re: Best way to get IP addresses from VMs without logging in to them?

[Russ Pavlicek]

>> There isn't any way to execute a command over the Xen console
>> interface is there?
>
>No - Xen has no knowledge of networking.  I assume you actually mean dom0.

My error in not being specific.  I mean using a script over the "xl
console" interface, kind of like the ssh syntax:

ssh user@vm "commands..."

maybe:

xl console domno "commands..."

or an expect script which could feed the "xl console" interface.

Russ

On Wed, Jun 11, 2014 at 2:14 PM, Ian Campbell <Ian.Campbell@citrix.com> wrote:
> On Wed, 2014-06-11 at 13:47 -0400, Russ Pavlicek wrote:
>> the virtual
>> network wire has to know what IPs are assigned where.
>
> The virtual network "wire" only knows about MAC addresses, not IP
> addresses.
>
> Ian.
>

Re: Best way to get IP addresses from VMs without logging in to them?

[Andrew Cooper]

On 11/06/14 19:36, Russ Pavlicek wrote:
>>> There isn't any way to execute a command over the Xen console
>>> interface is there?
>> No - Xen has no knowledge of networking.  I assume you actually mean dom0.
> My error in not being specific.  I mean using a script over the "xl
> console" interface, kind of like the ssh syntax:
>
> ssh user@vm "commands..."
>
> maybe:
>
> xl console domno "commands..."
>
> or an expect script which could feed the "xl console" interface.
>
> Russ

xl console <domain> connects your current tty up to the vm console.  It
is entirely guest controlled, and likely requires a login and password
as a first step.

~Andrew

Re: Best way to get IP addresses from VMs without logging in to them?

[Don Slutz]

On 06/11/14 14:44, Andrew Cooper wrote:
> On 11/06/14 19:36, Russ Pavlicek wrote:
>>>> There isn't any way to execute a command over the Xen console
>>>> interface is there?

What I use is xen-crashd[1] & crash's command net.  The down side is keeping handy
all the vmlinux files for the guests.

    -Don Slutz

[1] http://lists.xen.org/archives/html/xen-devel/2013-12/msg00234.html

Message-ID: <529CBED8.2000103@CloudSwitch.Com>
References: <1384543221-17634-1-git-send-email-dslutz@terremark.com> <1385720807.20209.58.camel@kazak.uk.xensource.com>




>>> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel 

Re: Best way to get IP addresses from VMs without logging in to them?

[Ian Campbell]

On Wed, 2014-06-11 at 19:44 +0100, Andrew Cooper wrote:
> On 11/06/14 19:36, Russ Pavlicek wrote:
> >>> There isn't any way to execute a command over the Xen console
> >>> interface is there?
> >> No - Xen has no knowledge of networking.  I assume you actually mean dom0.
> > My error in not being specific.  I mean using a script over the "xl
> > console" interface, kind of like the ssh syntax:
> >
> > ssh user@vm "commands..."
> >
> > maybe:
> >
> > xl console domno "commands..."
> >
> > or an expect script which could feed the "xl console" interface.
> >
> > Russ
> 
> xl console <domain> connects your current tty up to the vm console.  It
> is entirely guest controlled, and likely requires a login and password
> as a first step.

It's entirely guest dependent whether there is anything at all running
on the associated tty. If you were using e.g. pvfb you may not end up
with such a thing (some installers key off of what they themselves run
on when deciding whether to create such things).

Also Windows doesn't listen to the serial at all, at least in normal
configurations. YMMV with other OSes too.

If you are doing an automated install then I suppose you could arrange
for some agent or daemon to run, or for the guest to publish its name+IP
somewhere.

Ian.

Re: Best way to get IP addresses from VMs without logging in to them?

[Tamas Lengyel]

[-- Attachment #1.1: Type: text/plain, Size: 2062 bytes --]

It is also possible to read out the guest's network configuration directly
from memory without requiring any login credentials. The task can be done
with the joint use of LibVMI and Volatility. LibVMI supports Xen
out-of-the-box, for Volatility to interpret your guest's memory layout you
need to have a profile. Afterwards, for Linux guests, you can simply issue
the linux_ifconfig command. Take a look at:
http://volatility-labs.blogspot.com/2012/09/movp-25-investigating-in-memory-network.html


On Thu, Jun 12, 2014 at 9:26 AM, Ian Campbell <Ian.Campbell@citrix.com>
wrote:

> On Wed, 2014-06-11 at 19:44 +0100, Andrew Cooper wrote:
> > On 11/06/14 19:36, Russ Pavlicek wrote:
> > >>> There isn't any way to execute a command over the Xen console
> > >>> interface is there?
> > >> No - Xen has no knowledge of networking.  I assume you actually mean
> dom0.
> > > My error in not being specific.  I mean using a script over the "xl
> > > console" interface, kind of like the ssh syntax:
> > >
> > > ssh user@vm "commands..."
> > >
> > > maybe:
> > >
> > > xl console domno "commands..."
> > >
> > > or an expect script which could feed the "xl console" interface.
> > >
> > > Russ
> >
> > xl console <domain> connects your current tty up to the vm console.  It
> > is entirely guest controlled, and likely requires a login and password
> > as a first step.
>
> It's entirely guest dependent whether there is anything at all running
> on the associated tty. If you were using e.g. pvfb you may not end up
> with such a thing (some installers key off of what they themselves run
> on when deciding whether to create such things).
>
> Also Windows doesn't listen to the serial at all, at least in normal
> configurations. YMMV with other OSes too.
>
> If you are doing an automated install then I suppose you could arrange
> for some agent or daemon to run, or for the guest to publish its name+IP
> somewhere.
>
> Ian.
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel
>

[-- Attachment #1.2: Type: text/html, Size: 3030 bytes --]

[-- Attachment #2: Type: text/plain, Size: 126 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel