WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] Question about using Xen in a periphery firewall/router scen

To: Xen User-List <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-users] Question about using Xen in a periphery firewall/router scenario
From: Sanjay Arora <sanjay.k.arora@xxxxxxxxx>
Date: Thu, 20 Aug 2009 17:03:07 +0530
Delivery-date: Thu, 20 Aug 2009 04:33:47 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=EUvTlBcG0oAwn6UebVuyonUoYrPYy2FldsJibYZPKis=; b=RUwF9G9HLuYEXjKLQs87Eho0bsanPvyglGRqrW9yCMGqj6Pwd0+Kv5yhGimTJ8QYOs K+KXV9f/1g9fQScMipE1NBamcJJl4pD6OLQXY8zmVRg6CCorw03qtcRZ7tDxlj2qQGEt ii57TG0hkBgOaKZ1FDG01CGu6ky/B6MWWAG84=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=vYglvDGgAbkeYAxFtRHwahM8pPqmFyLEPg4nmbwkTIwIOQ+UjABzUrIU4DVHIho5z2 MkoHyKda31HgHwPljNqMJeKCZLAb7/n/JsS8RnJBSNu8w7q0n7eJE8kU2J71YWXwANHP ssSjQ/6Yi6B5RBOtn3wbyt1Nso7IBtQhIPJCI=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Hello All

XEN newbie here.

If I install minimal linux for XEN in dom0 and a periphery firewall in
domU and other applications in other instances of domU, is it possible
to restrict/bind the network card to domU having periphery firewall
and from there forward packets for dom0 or for other domUs?

Is this possible? If so, is it secure? Or does dom0 always have direct
access to Network Card and needs a separate firewall? And packets will
always route from dom0 to all domUs ?

What are the issues involved?

With best regards.
Sanjay.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users