WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] IP blocking

To: "mail4dla@xxxxxxxxxxxxxx" <mail4dla@xxxxxxxxxxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] IP blocking
From: shacky <shacky83@xxxxxxxxx>
Date: Wed, 8 Aug 2007 12:00:53 +0200
Delivery-date: Wed, 08 Aug 2007 02:58:31 -0700
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=q76Vg6ZqT/932h8aP44AZ3TiSTmg6JtZHhh4nlRQuERE4a9OIK+RjOjTVsclyfUiWJiFPVwt9S1AcC6AbHr7hNUS1bTke0yEOi+dVzxE9dfQH/YVnNwcknivl946SEPlahERnz1Rt3IfJKYCh14k7o0TZjuTSye7W3bAFiJlvyY=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=GeUNenyw6whz/cu7ypamN3++FYfeiWM3uA5SAXHIUo2j/q0dFNipThW8GCPXtfHqnke7h3Txq1RfJxIchK/4d34kGdUMq4S+bX2coKXnItcgoiz6gZqXTTNdH47eYQGo/aNOMaCLzhC1zGXDzEbkGaDgxwnA6oKdfq9/YFjctCA=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <f9264670708080103s2eff1cbeo44090d8758aeb9@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <7fedbc910708060518s510357cdx7e3be43159616815@xxxxxxxxxxxxxx> <f9264670708060553x6ad7df3ao4a8748c1b01da7fc@xxxxxxxxxxxxxx> <7fedbc910708061234u32199d0ekdbe9f124710eb0d7@xxxxxxxxxxxxxx> <f9264670708070921h6efd682as6edccd835047e9c1@xxxxxxxxxxxxxx> <7fedbc910708071028ne830576pf1da9c33b2ab1370@xxxxxxxxxxxxxx> <f9264670708080103s2eff1cbeo44090d8758aeb9@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
> If the DomU is already started, "brctl delif xenbrX vifY.Z" is your friend.
> Before starting, you can simply set "bridge=" in the DomU config file.

Setting "bridge=" will I make no bridge with no interface?

> Yes, and that's the important point: Do you want to do NAT and share one IP
> or should each DomU have its own IP that is visible to the outside?
> In the latter case, the easiest solution is a dedicated subnet for the DomUs
> that is routed via an IP in the DomU. I.e., all traffic targeted to one of
> the DomUs is not sent directly there but to the Dom0.
> AFAIK, most providers of cheap servers with root access do not offer this.

I didn't think about this.
I absolutely need to do routing instead of NAT because all the domUs
needs to be visible to the outside with their own IP address and not
with the IP address of the dom0.
But now the question is: how I can make routing on the dom0 for the
domUs? With NAT 1:1 in Shorewall?

Thank you very much!

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>