WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Packet modification on Xen virutal Bridge

To: nikki-2009 <n.kawaguti@xxxxxxxxx>
Subject: Re: [Xen-users] Packet modification on Xen virutal Bridge
From: Thaddeus Hogan <thaddeus@xxxxxxxxxx>
Date: Sat, 27 Jun 2009 18:45:35 -0500 (CDT)
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Sat, 27 Jun 2009 16:46:25 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <23688472.21246145856546.JavaMail.BANANA$@banana>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
I'm not sure how you would generically intercept and modify packets short of writing a module for netfilter.  But if you are looking specifically to encrypt in tunnel packets to another location I would recommend OpenVPN.

Xen bridges are just Linux bridge interfaces, and so can be used to bridge any networking devices.  For example you could run OpenVPN and create a tap0 device for the VPN, then add that device to xenbr0.  Now when you connect an OpenVPN client to that host, all traffic on the xenbr0 bridge will be mirrored to tap0, which will then be present on tap0 on the other side of the VPN link.

I would suggest thought that you try to accomplish your task at layer-3 since IMHO routing is simpler in implementation than bridging over a VPN.

Can you provide more details on what it is you're trying to do?


----- Original Message -----
From: "nikki-2009" <n.kawaguti@xxxxxxxxx>
To: xen-users@xxxxxxxxxxxxxxxxxxx
Sent: Saturday, June 27, 2009 10:28:12 AM GMT -06:00 US/Canada Central
Subject: [Xen-users] Packet modification on Xen virutal Bridge


Hi guys,

Now, I'm looking for a method to modify packet headers/contents when they
arrive at xen bridges (e.g. xenbr0). For example, I consider a following
operation; when a xen bridge recieves a packet(frame), it firstly encrypts
the content using a predefined key, and then forwards it to other
host/router.

Is is possible to add such functionality to the xen bridge ?
Any ideas, comments or suggestions are welcome.

Thanks in advance.

--
View this message in context: http://www.nabble.com/Packet-modification-on-Xen-virutal-Bridge-tp24234052p24234052.html
Sent from the Xen - User mailing list archive at Nabble.com.


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>