|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Traffic Counting / port analysis using Xen 3.0.2?
I think you can setup bridges in any config you want, so I'm pretty sure you can accomplish what you're trying to do. you should be able to setup a bridge with most of the domus on it and one gateway domu, with an interface on the main bridge, and another interface on a front bridge with the real eth0. then it could setup it's own bridge between the two, and it would then be in a position to do bridge based firewalling or accounting. I found this page helpful: http://wiki.xensource.com/xenwiki/XenNetworkingAnd then this page, which shows how the shorwall guy setup a slightly more complex Xen network: http://shorewall.net/XenMyWay.html hope that helps. --fess On May 21, 2006, at 1:14 PM, bigfoot29@xxxxxxxxxxxxxxxxxxxxxx wrote: Hi! My first post here, so sorry if this question has been asked a hundredtimes already. I searched the web for quite some time, but I wasn't ableto find a solution based on the howto's out there... In Xen 2.0.7 it was easy to do very detailed traffic counting usingmechanisms like tcpdump and such because the system acted like a hub. Nowwith 3.0 it got more secure - the bridge acts like a switch. Of course, that is preferrable, but how can I do a detailed traffic statistics of different servers I have no access to (owned by other ppl)?Can/must this be done in the Xen0-domain? Is there an more "elegant" way (security wise) to fire up an own virtual machine handling this and actingas a bridge itself?I am not very comfortable with iptables, so messing around with that would create more security holes than fix things for me. - What means, that youshouldn't expect an iptables-hero here :).Are there any tuts out there handling deeper nested networks using Xen3?Like: dom0 |-vm1 |-vm2 |-vm3 | |-vm4 | |-vm5 | |-vm6 where vm3 is acting like a bridge but has the ability to filter/countpassing traffic to vm4 and 5. 4 and 5 have no "direct" connection to dom0- only by passing the bridge at vm3. Any help is appreciated :D Thanks in Advance! Regards, Bigfoot29. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |