|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-users] Re: Network isolation - PCI passthrough question
let's see if I understand, something like: domU (eth0) -> (PCI passthru) -> nic0 this domU will be like an appliance firewall, eth0 which is directly configured to pci-dev nic0 is effectively the WAN interface of the domU firewall. other domU vms are on the LAN side of firewall, so you need a "virtual LAN" bridging to lo interface can be problematic. instead, from dom0, configure several 'tap' interfaces (see tunctl), and those can act as LAN interface of the firewall domU and the interfaces of all other domU vms. They can all be bridged together tunctl -t tap0 tunctl -t tap1 ... # then brctl addbr tap-br0 brctl addif tap-br0 tap0 brctl addif tap-br0 tap1 ... then assign tap0 to firewall domU, tap1 to first domU vm ... is this what you're trying to accomplish? -- View this message in context: http://xen.1045712.n5.nabble.com/Network-isolation-PCI-passthrough-question-tp3312014p3312437.html Sent from the Xen - User mailing list archive at Nabble.com. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |