WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-users

[Top] [All Lists]

Re: [Xen-users] Force traffic out one interface

from [Fajar A. Nugraha]

[Permanent Link][Original]

To:	Jonathan Tripathy <jonnyt@xxxxxxxxxxx>
Subject:	Re: [Xen-users] Force traffic out one interface
From:	"Fajar A. Nugraha" <fajar@xxxxxxxxx>
Date:	Sun, 13 Jun 2010 23:02:24 +0700
Cc:	Xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date:	Sun, 13 Jun 2010 09:05:20 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to:	<4C14FD27.2080100@xxxxxxxxxxx>
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References:	<4C14FD27.2080100@xxxxxxxxxxx>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx

On Sun, Jun 13, 2010 at 10:45 PM, Jonathan Tripathy <jonnyt@xxxxxxxxxxx> wrote:
> Hi Everyone,
>
> Does anyone know any rules that I could use (using iptable, ebtables, or
> otherwise) that could force all traffic coming from a guest to go out via a
> particular interface? I wish to stop "inter-guest" communication, without
> going via my firewall first.

IIRC Xen bridged networking by default passes domU traffic through the
bridge on dom0 (even for inter-guest communications). Try setting up
some rules there (i.e. make dom0 your firewall).

If you want to use an external firewall (not in dom0), then no, I
don't know of any way to do that.

-- 
Fajar

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-users] Force traffic out one interface, Jonathan Tripathy Message not available Re: [Xen-users] Force traffic out one interface, Jonathan Tripathy Re: [Xen-users] Force traffic out one interface, Fajar A. Nugraha <= Re: [Xen-users] Force traffic out one interface, Jonathan Tripathy Re: [Xen-users] Force traffic out one interface, Fajar A. Nugraha Re: [Xen-users] Force traffic out one interface, Jonathan Tripathy Re: [Xen-users] Force traffic out one interface, Felix Kuperjans Re: [Xen-users] Force traffic out one interface, Jonathan Tripathy Re: [Xen-users] Force traffic out one interface, Felix Kuperjans

Previous by Date:	Re: [Xen-users] Bridge rules, Fajar A. Nugraha
Next by Date:	Re: [Xen-users] Force traffic out one interface, Jonathan Tripathy
Previous by Thread:	Re: [Xen-users] Force traffic out one interface, Jonathan Tripathy
Next by Thread:	Re: [Xen-users] Force traffic out one interface, Jonathan Tripathy
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix