Xen xl toolstack on Debian 7.3.0; can't ssh to VM

Question

I've got DOM0 and DOMU running (both Debian 7.3.0 AMD64), and can use both individually and can ssh localhost on both with the expected results. I am setting up the networking by hand to understand how it all goes. The problem comes down to, no matter what I try, if I ssh w.x.y.z on DOM0 in the hope of having a shell on DOMU, I always end up with a shell on DOM0; the vif-bridge does not seem to carry the traffic across and in to the DOMU.

Could someone describe the simplest setup which would achieve this, using just the xl, ip, brctl and iptables comands please?

To be more concrete and provide maybe a starting point, here's a setup I'm currently trying:

===/etc/xen/s1-0-2=============================

name="s1-0-2"
memory=2048
kernel='/root/s1-0-2--vmlinuz'
ramdisk='/root/s1-0-2--initrd'
extra='root=/dev/xvda1 -- console=hvc0'
e820_host=1
disk = [ 'phy:/dev/roots/s1-0-2,xvda,w' ]
vif=[ 'mac=02:12:12:12:12:02,bridge=s1-0-2' ]
vfb = [ 'type=vnc,vncdisplay=2' ]
vnc=1
stdvga=1

===============================================

And then on DOM0 (eth1 is a physical interface without a wire plugged into it):

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -I POSTROUTING -j MASQUERADE
brctl addbr s1-0-2
brctl addif s1-0-2 eth1
xl create /etc/xen/s1-0-2
ip add add 10.133.33.3/24 dev eth1

working on the DOMU console:

ip add add 10.133.33.3/24 dev eth0
ip route add default via 10.133.33.3 dev eth0

and then when back on DOM0 I do

ssh 10.133.33.3

I get a shell prompt on DOM0, whereas I would hope for a shell prompt on DOMU.

Answer 1

Well, what I can see here that you have added the very same ip address to DOM0 and DOMU:

ip add add 10.133.33.3/24 dev eth1

and

ip add add 10.133.33.3/24 dev eth0

Most likely you have already figured this out.