WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] IP blocking

e
the best thing is one interface to manage dom0
and another interface for the domU
each interface on different subnet

Rick


shacky wrote:
If the DomU is already started, "brctl delif xenbrX vifY.Z" is your friend.
Before starting, you can simply set "bridge=" in the DomU config file.

Setting "bridge=" will I make no bridge with no interface?

Yes, and that's the important point: Do you want to do NAT and share one IP
or should each DomU have its own IP that is visible to the outside?
In the latter case, the easiest solution is a dedicated subnet for the DomUs
that is routed via an IP in the DomU. I.e., all traffic targeted to one of
the DomUs is not sent directly there but to the Dom0.
AFAIK, most providers of cheap servers with root access do not offer this.

I didn't think about this.
I absolutely need to do routing instead of NAT because all the domUs
needs to be visible to the outside with their own IP address and not
with the IP address of the dom0.
But now the question is: how I can make routing on the dom0 for the
domUs? With NAT 1:1 in Shorewall?

Thank you very much!

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>