[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] advanced bridging...



Hi Marc,

I have seen two network diagrams of you passing in the thread already and they 
both helped me understand the Xen networking a lot better.

The first diagram explained how to setup a Xen system with 1 physical NIC, 
where one domU acts as a firewall for the other domU's. In this scenario, 
dom0 is connected to the bridge that links to the unsafe net (the "outside" 
network for the domU firewall).

The second diagram explained who to setup a Xen system with 2 physical NICs, 
dom0 acts as a firewall between the two NICs. It is setup with two bridges, 
one that connects the internet side of the virtual network (first physical 
NIC and first virtual NIC) and one that connects the LAN side of the virtual 
network (seconf physical NIC for the rest of the LAN, second virtual NIC for 
dom0 and virtual NICs for the different domU's).

Unfortunatly, what I am trying to achieve is yet another slight variation. See 
the attached image.

I would like to setup a system with two physical NICs (peth0 and peth1), where 
the firewall runs in domU.

For that I would like to setup two xen bridges.
The first is on the LAN side, and is a typical Xen bridge: one physical NIC, a 
virtual NIC for dom0 and one for domU.

The second would be on the internet side, but it should NOT have a virtual NIC 
for dom0, only for domU. The idea is that dom0 should not be accessible from 
the internet, only from the LAN.

Is such a setup possible ? And if yes, how ?

Thank you.

Geert Janssens

P.S. in an earlier attempt I tried to eliminate the second bridge altogether 
by assigning peth1 directly to the domU with PCI back. Unfortunatly, I can't 
seem to get PCI back working correctly on my system, so I'd like to try this 
alternative approach.

-- 
Kobalt W.I.T.
Web & Information Technology
Brusselsesteenweg 152
1850 Grimbergen

Tel  : +32 479 339 655
Email: info@xxxxxxxxxxxx

Attachment: XenList-Network with double xenbr.png
Description: PNG image

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.