Re: [Xen-users] How to setup Xen for 3 bridges environment?

To:	"Hong @ gmail" <whtsang22@xxxxxxxxx>, Xen-users <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject:	Re: [Xen-users] How to setup Xen for 3 bridges environment?
From:	Fernando Maior <fernando.souto.maior@xxxxxxxxx>
Date:	Fri, 27 Jan 2006 09:28:08 -0200
Delivery-date:	Fri, 27 Jan 2006 11:37:28 +0000
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=bfOSyg0s7UUtQrOoIGRq8TTpfvRmQjOTMp08dQ/AELNeIZnbSTNRKqOF4GNwgT2UlO67MdaEXx9WOFmE3ouge58wYI6sXfVIwlXlyb9KVPKoAlzmIdZFfR311eZUGSMWTGkpVafCJYfWeWw6d0MH+KnybQAScYh1G8XD2xOrD+A=
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to:	<000601c62295$89b21a20$470ba8c0@ws02>
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References:	<000601c62295$89b21a20$470ba8c0@ws02>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx

Hong,

Did you have a look at Xen wiki documentation? You may
compare http://wiki.xensource.com/xenwiki/XenNetworkingSuse
to your experience and try something like that.

On 1/26/06, Hong @ gmail <whtsang22@xxxxxxxxx> wrote:
>
> Hello,
>
> I am new to Xen and is trying a confugration that simulates a firewall
> environment.
> My target environment is to setup three bridges: one for Wan (xen-br0), one
> for DMZ (xbrdmz) and one for Lan (xbrlan)
> The three subnet are as follows:
> Wan: 192.168.21.0/24
> Dmz: 192.168.22.0/24
> Lan:   192.168.23.0/24
>
> I use xen3.0 and FC4 for both dom0 and domU.
> My machine currently has one Nic, eth0, and I ensalve it into the Wan bridge
> xen-br0.
>
> Dom0 has the IP address 192.168.21.11. I have two domU in DMZ with IP
> 192.168.22.15, 192.168.22.16).
> I use NAT 192.168.21.15 -> 192.168.22.15 and 192.168.21.16 -> 192.168.22.16
> so that the PC from Wan can access the PC.
> Most of the things work fine. I can ping dom0 and the two domU and vice
> versa. I can ssh from dom0 and domU and vice versa and I can ssh from PC on
> Wan to dom0.
> The only problem is that I cannot ssh from PC on Wan to domU.
>
> I have tried another setup. If I don't use the Wan bridge ( xen-br0 ) and
> just use the eth0 and the Dmz bridge (xbrdmz), everything works perfectly.
> (I can ssh from PC on Wan to domU also).
>
> However, I still want to have the Wan bridge cause I can add some domU in
> Wan subnet (so that I can say, add some IDS domU to Wan bridge).
> I have searched the mailing list and find a similar case is:
> http://lists.xensource.com/archives/html/xen-users/2005-06/msg00669.html
>
> I have tried the NOTRACK option but still can help in my case.
>
> Just wonder anyone has setup similar environment?
> Thanks alot.
>
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
>
>


--
Bye,
Fernando Maior
LPIC/1(31908)
LinuxCounter(391325)

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

WARNING - OLD ARCHIVES

xen-users

Re: [Xen-users] How to setup Xen for 3 bridges environment?