WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] pfSense HVM

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] pfSense HVM
From: Nicolas Vilz 'niv' <niv@xxxxxxxxxx>
Date: Fri, 28 May 2010 20:59:33 +0200
Delivery-date: Fri, 28 May 2010 12:01:06 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4BFE986C.5000704@xxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4BFE986C.5000704@xxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.1.8) Gecko/20100227 Thunderbird/3.0.3
On 05/27/10 18:06, Jonathan Tripathy wrote:
Hi Everyone,

Does anybody have any experience using pfSense on Xen? I would most
probably have to use HVM...

actually, i use pfSense in hvm quite a while... it works. recently i tried to get pfSense in pv, but that needs to be polished some time before it is ready to use. (it works, but it is half broken that way and i spent the whole day yesterday to get a clear view on that problem).


My idea would be to use PCI-Passthrough to the pfsense DomU, and only
make the Dom0 accessable via the pfsense firewall

make sure, you can access that dom0 in event of emergency. If anything happens to your pfsense, which is possible, you probably can't access your dom0 anymore and are stuck and thats probably not what you want.

btw, you don't need to passthrough your nic for that behavior. In a bridged setup you just have to leave your bridge interface to the outside without an ip address.

Sincerly Nicolas

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>