WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] advanced bridging...

Hi Yevgeniy,

For this config you must use network-bridge, so your xend-config.sxp must be:

(network-script network-bridge)
(vif-script vif-bridge)
(dom0-min-mem 192)
(dom0-cpus 0)

If you have eth0 and eth1 configured in your dom0, if you use Debian:

# vi /etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
       address XX.XX.XX.XX
       netmask 255.255.255.0
       gateway XX.XX.XX.XX

auto eth1
iface eth1 inet static
       address 10.0.0.1
       netmask 255.255.255.0


When xend starts up will create 2 bridges

xenbr0 (with dom0 eth0 attached)
xenbr1 (with dom0 eth1 attached)

domU config file /etc/xen/domu-config.sxp:

name="domu"
kernel="/boot/vmlinuz-2.6.16.33"
root="/dev/hda1"
cpu=0
memory=192
disk=['file:/xen1/domu.img,hda1,w']

vif=[ 'bridge=xenbr1, vifname=domu.eth0' ]
dhcp="off"
ip="10.0.0.2"
netmask="255.255.255.0"
gateway="10.0.0.1"
hostname="domu.domain.com"

extra="3"

on_poweroff = 'destroy'
on_reboot   = 'restart'
on_crash    = 'restart'


Try this :) and tell me how it works. If something goes wrong, post me the output of an ifconfig, brctl show, xm list

I hope it will be useful,

Marc




Yevgeniy Goldberg wrote:
Marc,

I think this design should work well for me.
Please, post the config file that implemIent it.
Thanks a lot for helping me!


-Eugene
On May 4, 2007, at 2:18 AM, Marc Patino Gómez wrote:

Hi Yevgeniy,

What do you think about the following scheme? I think is quite simple, I would prefer another scheme a little bit more complex to isolate more. Anyway you can put FW rules at dom0.

If it this scheme is quite good for you I can post some config files.

Regards,

Marc

Yevgeniy Goldberg wrote:
Hi Marc,

1    Yes, my DomU's will be in my private network (10.XX.XX.XX)
2 I'm not worried about the FW at this time, just need to be able to connect to all my DomU's over 10. network
3    Her is what I need:

Dom0 has 2 physical NIC;s - eth0 and eth1
my default xenbr0 is bound to eth0, which is on the public network (Internet)
The eth1 of the Dom0 is connected to my 10. private network
DomU should be on the 10. provate network as well as any other unprivileged domains.

Dom0 :      xenbr0->eth0->public Internet
Dom0: eth1->10.0.1.4 private network (this way I could connect to Dom0 from my other computers on the 10.0 network)
DomU (1)           eth0(or what-ever is being assigned)->10.0.1.5
DomU(2)        eth0(or what-ever is being assigned)->10.0.1.6

Please, let me know if more information can be provided.
Thank you for helping me!

-Eugene
On May 3, 2007, at 11:37 AM, Marc Patino Gómez wrote:

Hi Yevgeniy,

I 'm sure to understand this scenario, some questions:

1- your domU's will be in your private network (10.XX.XX.XX) ?
2- You want your xen box to be a FW of your private net?
3- Can you post some kind of scheme of your future network ;)

Regards,

Yevgeniy Goldberg wrote:
Hi Marc,

I saw your recommendation and would like to ask your help in binding my DomU network interface to the physical eth1 I have 2 physical interfaces on my host: eth0 (connected to Internet) and eth1 (connected to my home 10. network) I need to be able to have all my DomU to be connected to the eth1 (of whatever its virtual representation may be)
Any ideas?

Best regards,

-Eugene
On May 3, 2007, at 10:22 AM, Marc Patino Gómez wrote:

Hi Ronan,

do you want to do something like this (see the image) ?

After reading a lot of stuff I made a wrapper of network-bridge, that I call network-bridge-wrapper, here is it:

#!/bin/sh
/etc/xen/scripts/network-bridge start bridge=xenbr0 vifnum=0
/usr/sbin/brctl addbr xenbr1
/sbin/ifconfig xenbr1 up

I changed the line in xend-config.sxp that calls, network-bridge to call network-bridge-wrapper ...

If you want I can post more info about this config (my domu config files, iptables, ebtables....). I'm using Debian, so... I hope scripts in CentOS are so close to Debian.

Regards,

Marc


Ronan wrote:
My situation:
Running centos5 on a machine directly connected to internet.
I have a paravirtualised centos5 core machine in domu1 with only 1 eth configured eth0 dy dhcp.

What I want:
to configure the dom0 bridge to simply route all traffic at ethernet level to dom1(firewall/router) and have dom1 then nat if out to my other domu's and machines on my private 192.168 network using dhcpd configured on eth1 on the machine.

My difficulties:
setting up the dom0 bridging to do what i want ie xenbr0 to eth0 on domu1 and then xenbr1 to eth1 on domu1

I then intend to remove / lock dom0 down and only use the domu's as dhcp configured servers.

There are a couple of URLs i've looked at
http://lists.xensource.com/archives/html/xen-users/2006-02/msg00602.html

etc but there aren't any specific configuration information.
Can i get some pointers as to where to look, or even example configs?

thanks

Ronan

(ps if this is the 3rd like message of mine today i apologise, I can tell if the other two messages i send actually did...)


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<xen.png>
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<xen2.png>


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>