
Re: [Xen-users] Re: Setting up firewall as Dom-U


  • To: "xen-users@xxxxxxxxxxxxxxxxxxx" <xen-users@xxxxxxxxxxxxxxxxxxx>
  • From: "Gordon McLellan" <gordonthree@xxxxxxxxx>
  • Date: Sat, 12 Apr 2008 14:16:14 -0400
  • Delivery-date: Sat, 12 Apr 2008 11:16:44 -0700
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

I have a DomU firewall, running Astaro Security Gateway as an HVM.  My
base OS / dom0 is CentOS 5.1.  I have a total of four ports in the box
now, two built in and two on a PCI-e card.  I have them all defined in
/etc/sysconfig/network-scripts, but only eth0 has an IP address, or is
set to come up at boot.

The xend network scripts take care of bringing up the other interfaces,
clearing their MAC addresses and adding them to bridges.

# cat ifcfg-eth0
# Intel Corporation 80003ES2LAN Gigabit Ethernet Controller (Copper)
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.2.255
IPADDR=192.168.2.8
NETMASK=255.255.255.0
NETWORK=192.168.2.0
ONBOOT=yes

# cat ifcfg-eth2 (also eth1 and eth3)
# Intel Corporation 82571EB Gigabit Ethernet Controller
DEVICE=eth2
ONBOOT=no
BOOTPROTO=none

The firewall is bound to 4 bridge devices, three physical interfaces
and a fourth which is bound to a dummy interface.  The fourth bridge
(xenbr3) provides a DMZ for some of my virtual machines to network
with.  They have limited internet access and exposed ports, without
having access to my internal LAN.

In the HVM, Astaro just sees four physical ethernet interfaces; it is
oblivious to what's going on behind the scenes.  One interface
connects directly to my cable modem, one to a wireless access point, the
third to my internal LAN.

Gordon

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
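Building the dummy-backed DMZ bridge the post describes, as an added example that is not part of the original post or of Xen's own network-bridge scripts. It takes the bridge name xenbr3 from the post, assumes the dummy module creates dummy0 (an assumption), and needs root for brctl/ip unless DRY_RUN=1, in which case the commands are only printed.

```shell
#!/bin/sh
# Added example (not from the post or Xen's scripts): build the dummy-backed
# DMZ bridge described above. xenbr3 is the poster's name; dummy0 is the
# device the dummy module creates by default (an assumption here).
# With DRY_RUN=1 every command is printed instead of executed.

run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# make_dmz_bridge BRIDGE DUMMYDEV
# The bridge's only non-guest port is a dummy interface, so it exists purely
# to join the DMZ guests' vifs to the firewall's vif. dom0 gets no address
# on it, which is what keeps dom0 itself off the DMZ segment.
make_dmz_bridge() {
    br="$1"
    dummy="$2"
    run modprobe dummy
    run ip link set "$dummy" down
    # Same MAC the xend network scripts assign to a bridged interface; a bridge
    # inherits the lowest port MAC, so this keeps it clear of guest MACs.
    run ip link set "$dummy" address fe:ff:ff:ff:ff:ff
    run brctl addbr "$br"
    run brctl stp "$br" off
    run brctl setfd "$br" 0
    run brctl addif "$br" "$dummy"
    run ip link set "$dummy" up
    # Deliberately no 'ip addr add' on the bridge.
    run ip link set "$br" up
}

# check_no_dom0_addr BRIDGE: succeeds only if dom0 holds no IP address on it
check_no_dom0_addr() {
    ! ip -o addr show dev "$1" 2>/dev/null | grep -q ' inet'
}

# dmz_plan BRIDGE DUMMYDEV: print the commands that would run, for review
dmz_plan() {
    ( DRY_RUN=1; make_dmz_bridge "$1" "$2" )
}
```

Run `check_no_dom0_addr xenbr3` after the bridge is up to confirm dom0 has not picked up an address on the DMZ segment.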