[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] How to setup my Xen network?

----- lists@xxxxxxxxxxxxx wrote:

> Hi all,
> 
> I have several servers I'd like to consolidate to Xen 3.2 and I am
> having a bit of trouble with firewalls and the best network
> environment to chose from.  I have read documentation here and there
> but I am a bit confused now and after some advice or specific
> documentation.
> 
> 1/ I'd like the following but have had problems getting ut to work
> with a firewall on Dom0
> 
> 
>                                 |-> Dom1 (10.0.0.10) - Mail
> WAN <-----> eth0 Dom0 <---------|-> Dom2 (10.0.0.10) - Web
>         (87.98.252.205)         |-> Dom3 (10.0.0.10) - Web
> 
> Where Dom0 is the firewall and DomUs are natted.  Dom0 would have a
> web proxy to redirect http to the right server.  I tried getting this
> to work with shorewall but it's a no go.  Has someone managed this
> setup with a proper firewall in place?
> 
> 2/ Second option would be to use a bridge but I'm not sure the
> following would work
> 
>           |-> Dom0 87.98.252.205 - (Restricted)
>           |-> Dom1 98.12.113.200 - Mail
> WAN <-----|-> Dom2 99.130.15.200 - Web
>           |-> Dom3 85.99.120.113 - Web
> 
> Can I have a bridge with public IPs in completely different ranges?
> 
> 3/ Last but not least is a theory I found about putting the Dom1 as
> the firewall, locking out Dom0 for security reason and have the whole
> environment natted.  If this would work for me, is there any
> documentation?  I see threads and attempts but no real documentation
> on how this is done.
> 
> Many thanks for any help you can provide.  Like I said, pointers to
> good documentation is more than welcome!
> --
> eco


I guess what I am asking for is advice on how to make 3 DomUs available to the 
internet through one physical interface with a minimum of risk.  I'd rather 
only use one public IP but I can have access to several more but in different 
ranges as shown above.

Any documentation explaining how to do this is welcome.

Thanks
--
eco

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.