xen-users
Re: [Xen-users] Xen4 Two-Way Routed Network & NAT
Bain, Duncan John wrote:
> Currently I have Xen running in a two-way routed network, with all
> DomU's having public IPs (they are also accessed by these).
>
> What I want is to also have a selection of DomU's running alongside
> with private IPs (192.168.0.XXX range). And then forwarding requests
> depending on what public IP address and port are used to these
> DomU's.
>
> I've created a DomU with this setup.
>
>     address 192.168.0.10
>     netmask 255.255.255.0
>     broadcast 192.168.0.255
>     gateway 192.168.0.1
>
> I've created a bridge (br1) with the IP 192.168.0.1 and I've set
> 'bridge=br1' in the vif section of the DomU config.
>
> From the DomU I can ping Dom0 but no other traffic makes it
> out at all. I also cannot ping the DomU from Dom0.
>
> I've tried adding all sorts of routes but to no avail.

OK, adding routes will not help - even if you routed your 192.168
addresses out, your ISP would drop the packets.
You need to configure NAT (Masq, or Masquerade, in iptables
terminology) from the 192.168 network to the public network. I can't
help with doing it in Dom0 - I've only ever set up 3 systems with
Masq, and that's been done with Shorewall.
What I have done a couple of times though is set up a DomU just to do
the routing/NAT/firewall stuff. At home I use PCI passthrough to make
the outside interface native on the firewall guest, and that does all
the NAT and filtering before passing traffic through to the internal
network.
There's nothing (AFAIK) fundamentally stopping you doing it in Dom0 though.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
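
The masquerade setup described in the reply, combined with the per-IP/port forwarding asked for in the question, as an added example that is not part of the original thread. It only prints the iptables commands for review. `br1`, `192.168.0.0/24` and `192.168.0.10` come from the thread; `eth0` as the public interface and `203.0.113.10:8080` are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): print iptables commands for review.
# From the thread: bridge br1, 192.168.0.0/24, DomU 192.168.0.10.
# Assumptions: eth0 is the public interface; 203.0.113.10 and port 8080
# in the usage line are constructed placeholders. TCP forwards only.
PUB_IF="${PUB_IF:-eth0}"
PRIV_IF="${PRIV_IF:-br1}"
PRIV_NET="${PRIV_NET:-192.168.0.0/24}"
PRIV_PREFIX="${PRIV_PREFIX:-192.168.0.}"

# nat_rules PUBIP:PUBPORT:PRIVIP:PRIVPORT ...
# Returns 1 and prints no rules if any forward is malformed, so a bad
# spec can never end up inside a command line that is later executed.
nat_rules() {
    out="sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -s $PRIV_NET -o $PUB_IF -j MASQUERADE
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $PRIV_IF -o $PUB_IF -s $PRIV_NET -j ACCEPT"
    for spec in "$@"; do
        IFS=: read -r pub_ip pub_port priv_ip priv_port extra <<EOF
$spec
EOF
        for p in "$pub_port" "$priv_port"; do
            case "$p" in ''|*[!0-9]*)
                echo "bad port in: $spec" >&2; return 1 ;;
            esac
        done
        for a in "$pub_ip" "$priv_ip"; do
            case "$a" in ''|*[!0-9.]*)
                echo "bad address in: $spec" >&2; return 1 ;;
            esac
        done
        # Forward only to guests on the private bridge network.
        case "$priv_ip" in
            "$PRIV_PREFIX"*) ;;
            *) echo "target not in $PRIV_NET: $spec" >&2; return 1 ;;
        esac
        [ -z "$extra" ] || { echo "extra fields in: $spec" >&2; return 1; }
        out="$out
iptables -t nat -A PREROUTING -i $PUB_IF -d $pub_ip -p tcp --dport $pub_port -j DNAT --to-destination $priv_ip:$priv_port
iptables -A FORWARD -i $PUB_IF -o $PRIV_IF -d $priv_ip -p tcp --dport $priv_port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Anything else addressed to the private network is dropped; the
    # publicly routed DomUs are not matched by this rule.
    printf '%s\n' "$out" "iptables -A FORWARD -o $PRIV_IF -d $PRIV_NET -j DROP"
}

# Usage: ./nat-rules.sh 203.0.113.10:8080:192.168.0.10:80
if [ $# -gt 0 ]; then nat_rules "$@"; fi
```

The rules are appended with `-A`, so an earlier ACCEPT-all rule in an existing FORWARD chain would make the final DROP ineffective; check the order with `iptables -L FORWARD -n --line-numbers` after applying.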