WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] NAT and bridge at the same time

from [carlopmart] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] NAT and bridge at the same time
From: carlopmart <carlopmart@xxxxxxxxx>
Date: Fri, 23 Mar 2007 14:24:07 +0100
Delivery-date: Fri, 23 Mar 2007 07:55:00 -0700
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; b=WRbT9NuhM3ty+YMIDbc6FdX++MGjpAA9UD4tb4bBi0Ljko5K3h8/+BN4K9jlT1uLn48m6zRFgRE4UPRy1bBqwDQEC+Nli7fAHl4KpLQJYW3mpCiT0RNpWEUMlnT65wVHHXxhtSboEvrr6dAJ577doNKfqjdWiJBvAuTVjnK1NE4=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; b=WifdQ/eklF85nQo8gYwlMX1pZKxY5ifJy72h9to+kmvLlqA6bmciDqCeHkKUwiEX3pPg76ixWFQ941h4weYbT1jULa/z7A6YE0v2j4PWCjiSGNDl+sNdXQUnwU5hq6o7MEihCszqWxe7M6k2D5ynmrpy/2AU8p1o9WkVUALMNzU=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <20070323155331.GA1706@xxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4602A2C9.1000109@xxxxxxxxx> <20070322171456.GB32530@xxxxxxxxxxxxxxxxxx> <460379C3.1010803@xxxxxxxxx> <20070323155331.GA1706@xxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.10 (X11/20070302) 
jez wrote:

On Fri, Mar 23, 2007 at 07:54:59AM +0100, carlopmart wrote:

jez wrote:

On Thu, Mar 22, 2007 at 04:37:45PM +0100, carlopmart wrote:
Somebody knows if is it possible (with xen 3.0.3) to use an eth0 hosts interface as a bridge and nat virtual device at the same time for two virtual guests (one with nat interface and another as a bridge interface )?? How can I do?? 


Can you explain the problem you are trying to solve here and explain
which traffic is to be bridged and which is to be NAT'd? 
Dom0 has only one interface, eth0, is this correct?

Are you saying that you want each VM to have two interfaces eth0 and
eth1, where eth0 is bridged with the local LAN and eth1 is NAT'd? Or are you saying that you have two VMs and you want traffic from one VM to 
be bridged and traffic from the other VM to be NAT'd?

What distribution are you running: Debian? Fedora? ...?

Please be a lot more specific when you ask for solutions to complicated
problems.


Sorry jez ... I will to try to explain:
Dom0 has only one interface: eth0. I have two VMs and I need to use xenbr0 (linked to domU eth0) as a bridge on one VM, and on the other VM another xenbr0 as NAT'd device ... 



If you had answered the questions (your problem?, your distro?) you might
have got a better solution. Too late now though ;-)

When you have the time, I recommend you read:

    http://www.catb.org/~esr/faqs/smart-questions.html

The following shows one way to set up a dom0 that has one interface
eth0, and two domUs vm1 and vm2, so that:

    - Traffic from vm1 is bridged with eth0 on dom0
    - Traffic from vm2 is NAT'd on dom0

We will assume that eth0 on dom0 has an address of 172.16.1.1
# cd /etc/xen/scripts # cp vif-route vif-myroute 

edit /etc/xen/scripts/vif-myroute:

    change:
        main_ip=$(dom0_ip)
    to:
        main_ip=10.0.0.1
        echo 1 > /proc/sys/net/ipv4/ip_forward


config file for vm1 should contain:

    vif = [ '' ]
config file for vm2 should contain: 
    vif = [ 'ip=10.0.0.2,script=vif-myroute' ]


# iptables -t nat -A POSTROUTING -s 10.0.0.2 -o eth0 \
       -j SNAT --to 172.16.1.1


Then start your domUs.

Configure vm2 to have:

    address: 10.0.0.2
    netmask: 255.255.255.252
    gateway: 10.0.0.1

If everything works, then save the iptables rules on dom0:

# /etc/init.d/iptables save

cheers,

jez

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users



Many thanks jez, thats what I need to do ...


--
CL Martinez
carlopmart {at} gmail {d0t} com

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] NAT and bridge at the same time, jez
Next by Date:  Re: [Xen-users] IPs jumping around on domU?, jez
Previous by Thread:  Re: [Xen-users] NAT and bridge at the same time, jez
Next by Thread:  [Xen-users] RE: any idea?, Nicolas
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy