[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] NAT and bridge at the same time

  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: carlopmart <carlopmart@xxxxxxxxx>
  • Date: Fri, 23 Mar 2007 14:24:07 +0100
  • Delivery-date: Fri, 23 Mar 2007 07:55:00 -0700
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; b=WifdQ/eklF85nQo8gYwlMX1pZKxY5ifJy72h9to+kmvLlqA6bmciDqCeHkKUwiEX3pPg76ixWFQ941h4weYbT1jULa/z7A6YE0v2j4PWCjiSGNDl+sNdXQUnwU5hq6o7MEihCszqWxe7M6k2D5ynmrpy/2AU8p1o9WkVUALMNzU=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
jez wrote:

On Fri, Mar 23, 2007 at 07:54:59AM +0100, carlopmart wrote:

jez wrote:

On Thu, Mar 22, 2007 at 04:37:45PM +0100, carlopmart wrote:
Somebody knows if is it possible (with xen 3.0.3) to use an eth0 hosts interface as a bridge and nat virtual device at the same time for two virtual guests (one with nat interface and another as a bridge interface )?? How can I do?? 


Can you explain the problem you are trying to solve here and explain
which traffic is to be bridged and which is to be NAT'd? 
Dom0 has only one interface, eth0, is this correct?

Are you saying that you want each VM to have two interfaces eth0 and
eth1, where eth0 is bridged with the local LAN and eth1 is NAT'd? Or are you saying that you have two VMs and you want traffic from one VM to 
be bridged and traffic from the other VM to be NAT'd?

What distribution are you running: Debian? Fedora? ...?

Please be a lot more specific when you ask for solutions to complicated
problems.


Sorry jez ... I will to try to explain:
Dom0 has only one interface: eth0. I have two VMs and I need to use xenbr0 (linked to domU eth0) as a bridge on one VM, and on the other VM another xenbr0 as NAT'd device ... 



If you had answered the questions (your problem?, your distro?) you might
have got a better solution. Too late now though ;-)

When you have the time, I recommend you read:

    http://www.catb.org/~esr/faqs/smart-questions.html

The following shows one way to set up a dom0 that has one interface
eth0, and two domUs vm1 and vm2, so that:

    - Traffic from vm1 is bridged with eth0 on dom0
    - Traffic from vm2 is NAT'd on dom0

We will assume that eth0 on dom0 has an address of 172.16.1.1
# cd /etc/xen/scripts # cp vif-route vif-myroute 

edit /etc/xen/scripts/vif-myroute:

    change:
        main_ip=$(dom0_ip)
    to:
        main_ip=10.0.0.1
        echo 1 > /proc/sys/net/ipv4/ip_forward


config file for vm1 should contain:

    vif = [ '' ]
config file for vm2 should contain: 
    vif = [ 'ip=10.0.0.2,script=vif-myroute' ]


# iptables -t nat -A POSTROUTING -s 10.0.0.2 -o eth0 \
       -j SNAT --to 172.16.1.1


Then start your domUs.

Configure vm2 to have:

    address: 10.0.0.2
    netmask: 255.255.255.252
    gateway: 10.0.0.1

If everything works, then save the iptables rules on dom0:

# /etc/init.d/iptables save

cheers,

jez

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users



Many thanks jez, thats what I need to do ...


--
CL Martinez
carlopmart {at} gmail {d0t} com

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.