Hello,

I am new to Xen and am trying a configuration that simulates a firewall environment.

My target environment is to set up three bridges: one for Wan (xen-br0), one for DMZ (xbrdmz) and one for Lan (xbrlan). The three subnets are as follows:

Wan: 192.168.21.0/24
Dmz: 192.168.22.0/24
Lan: 192.168.23.0/24

I use xen3.0 and FC4 for both dom0 and domU.

My machine currently has one NIC, eth0, and I enslave it into the Wan bridge xen-br0. Dom0 has the IP address 192.168.21.11. I have two domU in the DMZ with IPs 192.168.22.15 and 192.168.22.16. I use NAT 192.168.21.15 -> 192.168.22.15 and 192.168.21.16 -> 192.168.22.16 so that the PC from Wan can access the PC.

Most of the things work fine. I can ping dom0 and the two domU and vice versa. I can ssh from dom0 to domU and vice versa, and I can ssh from the PC on Wan to dom0. The only problem is that I cannot ssh from the PC on Wan to domU.

I have tried another setup. If I don't use the Wan bridge (xen-br0) and just use eth0 and the Dmz bridge (xbrdmz), everything works perfectly (I can ssh from the PC on Wan to domU also). However, I still want to have the Wan bridge because I can add some domU in the Wan subnet (so that I can, say, add some IDS domU to the Wan bridge).

I have searched the mailing list and found a similar case:

I have tried the NOTRACK option but it still can't help in my case.

Just wondering whether anyone has set up a similar environment?

Thanks a lot.
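The bridge and NAT layout described in the post, written out as a dry-run-aware setup script. This is an added example, not the poster's configuration: the dom0 addresses on the DMZ and Lan bridges (192.168.22.1, 192.168.23.1), the DMZ-side SSH forwarding rule and the bridge-nf sysctl are assumptions; only the bridge names, subnets and the two NAT mappings come from the post.

```shell
#!/bin/sh
# Three-bridge firewall layout (Wan/DMZ/Lan) with 1:1 NAT from Wan to DMZ.
# Assumes brctl, ip, sysctl and iptables are present. DRY_RUN=1 (the default)
# prints the commands instead of executing them; DRY_RUN=0 as root applies them.
set -e

WAN_BR=xen-br0; DMZ_BR=xbrdmz; LAN_BR=xbrlan   # bridge names from the post
WAN_IF=eth0
DOM0_WAN_IP=192.168.21.11/24
DOM0_DMZ_IP=192.168.22.1/24                    # assumed dom0 address on the DMZ bridge
DOM0_LAN_IP=192.168.23.1/24                    # assumed dom0 address on the Lan bridge
# "wan_ip:dmz_ip" pairs, exactly the two mappings from the post
NAT_MAP="192.168.21.15:192.168.22.15 192.168.21.16:192.168.22.16"

run() {
  if [ "${DRY_RUN:-1}" = "1" ]; then echo "$*"; else "$@"; fi
}

setup_bridges() {
  for br in "$WAN_BR" "$DMZ_BR" "$LAN_BR"; do
    run brctl addbr "$br"
    run ip link set "$br" up
  done
  run brctl addif "$WAN_BR" "$WAN_IF"          # the single NIC joins the Wan bridge
  run ip addr add "$DOM0_WAN_IP" dev "$WAN_BR"
  run ip addr add "$DOM0_DMZ_IP" dev "$DMZ_BR"
  run ip addr add "$DOM0_LAN_IP" dev "$LAN_BR"
  run sysctl -w net.ipv4.ip_forward=1
  # With bridge netfilter on, iptables also sees frames switched inside a bridge
  # (e.g. Wan PC <-> a domU on xen-br0); disable it so only routed traffic is
  # filtered and NATed, which keeps the rules below predictable.
  run sysctl -w net.bridge.bridge-nf-call-iptables=0
}

setup_nat() {
  for pair in $NAT_MAP; do
    wan=${pair%%:*}; dmz=${pair##*:}
    # dom0 must own the public address so it answers ARP for it on the Wan bridge
    run ip addr add "$wan/24" dev "$WAN_BR"
    run iptables -t nat -A PREROUTING -i "$WAN_BR" -d "$wan" -j DNAT --to-destination "$dmz"
    run iptables -t nat -A POSTROUTING -o "$WAN_BR" -s "$dmz" -j SNAT --to-source "$wan"
    # only SSH is allowed in from Wan to each DMZ guest; everything else is dropped
    run iptables -A FORWARD -i "$WAN_BR" -o "$DMZ_BR" -d "$dmz" -p tcp --dport 22 -m state --state NEW -j ACCEPT
  done
  run iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
  run iptables -P FORWARD DROP
}

main() { setup_bridges; setup_nat; }
main
```

Run it once with the default DRY_RUN=1 to review the generated commands before applying them with DRY_RUN=0.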