[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] How to disable the public ip in Dom0 and enable on DomU

  • To: Sergey Vlasov <vsu@xxxxxxxxxxx>
  • From: Mirco Santori <mirco.santori@xxxxxxxxx>
  • Date: Mon, 19 Oct 2009 14:10:04 +0200
  • Cc: xen-users@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Mon, 19 Oct 2009 05:11:03 -0700
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=EKuOPQc9nKMDLOEBra0Nrt3vT5dGu5qpDYhCT7/XRupxFokgWD7naZ+SEcZi8E/A6Q QseWSUDW/5brnCO8qzEkCLCeOM1MJBem//c6eHcgEwf73kNJlM1sczon9Sj64kLsqXDO AFFJpYvrloh8Gp73xUMmfet8Bk5L2r1U+Hais=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
Hi Sergey,

thank you for explaination .. now is actually much more clear.
It has resolved my problem and now works fine!!
thank you



2009/10/18 Sergey Vlasov <vsu@xxxxxxxxxxx>
On Sun, Oct 18, 2009 at 02:28:39PM +0200, Mirco Santori wrote:
[...]
> What i wish to do is to don't provide any public access to the dom0 (for
> security reason and to keep the other ip address for other things).
[...]
> and here the interface's conf :
>
> auto lo
> iface lo inet loopback
>
> auto xenbr0
> iface xenbr0 inet static
>         address xxxxxxx
>         netmask 255.255.255.xxx
>         network xxxxxxxx
>         broadcast xxxxxxxx
>         gateway xxxxxxx
>         bridge_ports eth0
>         bridge_stp off
>         bridge_maxwait 0
>         dns-nameservers xxx.xx
>         dns-search xxx.com

Just use "inet manual" instead of "inet static":

auto xenbr0
iface xenbr0 inet manual
       bridge_ports eth0
       bridge_stp off
       bridge_maxwait 0

With "inet manual" the network initialization scripts will just bring
the interface up without assigning an IP address - which is exactly
what you need for this bridge.

> auto xenbr1
> iface xenbr1 inet static
>         address 192.168.1.10
>         netmask 255.255.255.0
>         network 192.168.200.0
>         broadcast 192.168.200.255
>         gateway xxx.129
>         bridge_ports eth1
>         bridge_stp off
>         bridge_maxwait 0
>         dns-nameservers xxx.5
>         dns-search xxx.com
>
> Could someone give me some advices or suggest on how to reach my target ?
> I am working with the network-bridge .. should i use NAT or ROUTE xen
> networking ?

Using NAT or ROUTE requires assigning a public IP to dom0 (which then
will be shared with domU when using NAT, or will be used as a gateway
when using ROUTE); only bridge networking can work without IP address
in dom0.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkrbVGsACgkQW82GfkQfsqILsgCgj4GeKJqBZv/3NFf/bqRDdM6k
fWIAn2l8ht74AOJ7RpPcd+br1WzBofsg
=x51o
-----END PGP SIGNATURE-----

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.