WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] Traffic Counting / port analysis using Xen 3.0.2?

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] Traffic Counting / port analysis using Xen 3.0.2?
From: bigfoot29@xxxxxxxxxxxxxxxxxxxxxx
Date: Sun, 21 May 2006 22:14:06 +0200 (CEST)
Delivery-date: Sun, 21 May 2006 13:15:10 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
Importance: Normal
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: SquirrelMail/1.4.6 [CVS]
Hi!

My first post here, so sorry if this question has been asked a hundred
times already. I searched the web for quite some time, but I wasn't able
to find a solution based on the howto's out there...

In Xen 2.0.7 it was easy to do very detailed traffic counting using
mechanisms like tcpdump and such because the system acted like a hub. Now
with 3.0 it got more secure - the bridge acts like a switch. Of course,
that is preferrable, but how can I do a detailed traffic statistics of
different servers I have no access to (owned by other ppl)?

Can/must this be done in the Xen0-domain? Is there an more "elegant" way
(security wise) to fire up an own virtual machine handling this and acting
as a bridge itself?
I am not very comfortable with iptables, so messing around with that would
create more security holes than fix things for me. - What means, that you
shouldn't expect an iptables-hero here :).

Are there any tuts out there handling deeper nested networks using Xen3?
Like:

dom0
|-vm1
|-vm2
|-vm3
|  |-vm4
|  |-vm5
|
|-vm6

where vm3 is acting like a bridge but has the ability to filter/count
passing traffic to vm4 and 5. 4 and 5 have no "direct" connection to dom0
- only by passing the bridge at vm3.

Any help is appreciated :D
Thanks in Advance!

Regards, Bigfoot29.


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>