WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] static ip for hvm's

from [Nick Craig-Wood] [Permanent Link][Original]
To: Liang Yang <multisyncfe991@xxxxxxxxxxx>
Subject: Re: [Xen-devel] static ip for hvm's
From: Nick Craig-Wood <nick@xxxxxxxxxxxxxx>
Date: Mon, 13 Nov 2006 19:31:31 +0000
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx, Tommie McAfee <tommie.mcafee@xxxxxxxxxx>
Delivery-date: Mon, 13 Nov 2006 11:31:57 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <BAY125-DAV1788747B0170F5413D37DC93F40@xxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <1163434794.21301.11.camel@mah-chine> <20061113170253.1713D14C34B@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <BAY125-DAV52C801E7B1A49739E45CE93F40@xxxxxxx> <1163441881.21301.25.camel@mah-chine> <BAY125-DAV1300BD2C2A726CF8B55CEB93F40@xxxxxxx> <20061113185149.GA5041@xxxxxxxxxxxxxx> <BAY125-DAV1788747B0170F5413D37DC93F40@xxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.13 (2006-08-11) 
On Mon, Nov 13, 2006 at 12:14:09PM -0700, Liang Yang wrote:
> What is the advantage of using xen router over xen bridge?

Routing is a lot simpler, compare the lengths of the setup scripts...

  311 network-bridge
   67 vif-bridge

vs

   19 network-route
   56 vif-route

When routing the linux kernel of dom0 makes the routing decisions
using the routing table we all know and love.

If you set route filtering

  echo 1 > /proc/sys/net/ipv4/conf/INTERFACE/rp_filter

then it is easy to make sure that the domUs can't steal any IP
addresses which don't belong to them, nor spoof any IP traffic.  No
iptables magic required.

Also every time I take a bridge down it seems to crash the computer!

I guess I'm just allergic to bridging/switching in general having had
to debug some horrible networking problems in the past all caused by
misconfigured or faulty switches ;-)

YMMV of course!

> Then how about using Xen NAT over Xen router and bridge? Could you
> shed some lights here?

I haven't tried Xen NAT.  If I was going to do it then I'd do it using
iptables/shorewall in domU.

-- 
Nick Craig-Wood <nick@xxxxxxxxxxxxxx> -- http://www.craig-wood.com/nick

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] xend pciback-config-parsing broken, Patrick Scharrenberg
Next by Date:  Re: [Xen-devel] Re: How to intercept memory operation in Xen, Abhinav Srivastava
Previous by Thread:  Re: [Xen-devel] static ip for hvm's, Liang Yang
Next by Thread:  Re: [Xen-devel] static ip for hvm's, Nick Craig-Wood
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy