 Home |
Products |
Support |
Community |
News |
xen-devel
Re: [Xen-devel] NAT through Dom0 on unstable branch
| To: | xen-devel@xxxxxxxxxxxxxxxxxxx |
|---|---|
| Subject: | Re: [Xen-devel] NAT through Dom0 on unstable branch |
| From: | Toens Bueker <toens.bueker@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> |
| Date: | Tue, 21 Jun 2005 21:15:13 +0200 |
| Delivery-date: | Tue, 21 Jun 2005 20:11:48 +0000 |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxxx |
| In-reply-to: | <fa8d26480506201140246713f7@xxxxxxxxxxxxxx> |
| List-help: | <mailto:xen-devel-request@lists.xensource.com?subject=help> |
| List-id: | Xen developer discussion <xen-devel.lists.xensource.com> |
| List-post: | <mailto:xen-devel@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe> |
| References: | <fa8d26480506201140246713f7@xxxxxxxxxxxxxx> |
| Sender: | xen-devel-bounces@xxxxxxxxxxxxxxxxxxx |
| User-agent: | Mutt/1.5.9i |
Eitan Isaacson <ee.jay.eye@xxxxxxxxx> wrote:
> These are the steps that I take (note, these steps worked fine in
> "testing" and "stable" branches):
>
> I first set up a bridge with a private IP:
>
> brctl addbr mybr0
> ip addr add 192.168.0.1/24 dev mybr0
> ip link set mybr0 up
>
> These are my network scripts in the xend config file:
>
> (network-script network-route)
> (vif-script vif-bridge)
> (vif-bridge mybr0)
>
> I start a DomU with an IP of 192.168.0.101, and I am able to ping Dom0
> (192.186.0.1).
>
> I enable IP forwarding, and I set up NAT:
>
> sysctl -w net.ipv4.ip_forward=1 # (if not allready done by xend)
> iptables -t nat -A POSTROUTING -j MASQUERADE \
> -o eth0 -s 192.168.0.1/24
An alternative solution would be:
iptables -t nat -F POSTROUTING
iptables -t nat -F PREROUTING
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.0/24 -j SNAT \
--to-source <your.public.ip.address>
for incoming connections you could do some portforwarding:
iptables -t nat -A PREROUTING -i eth0 -d <your.public.ip.address> \
-p tcp --dport 80 -j DNAT --to-dest <ip.address.of.domU>
by
Töns
--
There is no safe distance.
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [Xen-devel] Configuring kernels..., Sam Johnston |
|---|---|
| Next by Date: | Re: [Xen-devel] VMX device models not getting created anymore?, Arun Sharma |
| Previous by Thread: | Re: [Xen-devel] Re: NAT through Dom0 on unstable branch, Sheng S Lu |
| Next by Thread: | Re: [Xen-devel] NAT through Dom0 on unstable branch, Rusty Russell |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
