WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] networking in xen

bofh wrote:

Question on setting up networking in xen. I want to do the following on my laptop:

dom0 is attached to eth0 and ath0.

dom1 is going to by my virtual firewall for all my virtual machines. So I assume 3 interfaces, a bridge to eth0, ath0 and a virtual interface?

dom2 and so on will route all their traffic through dom1 (through the virtual interface)

I've read the documentation a few times, and I keep getting lost...

Is there any easy way to set up what would amount to two virtual switches...?



To add a wrinkle... :) :)

Would it be possible to set up one more (non-routable) network that dom0..domN will all attach to (for sharing files internally, obviously)?

All of that is no problem. BTW - it would help to specify what distro you are using as there are some differences in how it's set up.

Networking is generally fairly simple in Xen. The most common setup is that you create one or more bridges in Dom0, attach one or more physical interfaces to those bridges, and attach clients (DomUs) to the bridges via virtual interfaces (VIFs).

So, for your setup you'd need three bridges - lets just call them br0, br1, and br2 though you can call them anything you like (for example, at work I use ethint, ethext, and ethbak for the internal, outside, and backend networks).

You'd attach eth0 and ath0 to br0 and this would be your outside network.
You'd fire up your gateway DomU and connect it to both br0 and br1 - you'd get vifn.0 and vifn.1 in Dom0 which connect to eth0 and eth1 in DomU (where n is the Xen vm number). The DomU can now route/bridge/filter traffic between eth0 and eth1 and that will control how traffic passed between br0 and br1, and hence between other guests and the outside world. For your other guests, you would just connect them to br1 and they'd only have a single interface which will appear as eth0.

For your management lan, you simply add an additional virtual interface to each guest and connect it to br2.

Advice seem to be to avoid the scripts provided with Xen and setup your own bridges. Having done it both ways - my older machines do it with Xen scripts, my newest do it the Debain way - I prefer doing my own bridges. In Debian it's as simple (i think) as adding this to /etc/network/interfaces :

auto br0
iface br0 inet static
  bridge_ports eth0 ath0
  address 192.168.x.y
  netmask 255.255.255.0

This automatically creates br0, gives it an address, and attaches eth0 and ath0 to it. You need to double check the ath0 stuff, I vaguely recall issues adding wireless nics to bridges but I don't recall what the issues were or if they applied in this sort of situation.

--
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>