|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] using both bridged and routed networking
Fajar A. Nugraha wrote: DON'T let xen setup bridges/route for you (i.e. using xend-config.sxp) DO setup your own bridges (e.g. setup on /etc/network/interfaces) DO use bridge + route/NAT instead of trying to mimick xen-style routed setup. To add to that, this is what I'd do (I use Debian) :Setup TWO bridges, using the host OS tools - in the case of Debian it is trivially easy to create bridges in /etc/network/interfaces. One of these bridges might not have an external NIC connected to it - it depends on what else is connected in your network. I'll call these brext and brint for convenience.For those devices which get an outside IP, connect their VIFs to brext when creating them (bridge = brext in the VIF statement or something similar). For those devices which are routed/NATed, connect their VIFs to brint.Now, you can either do the routing/NAT in Dom0, or what I've done at home is to run a small DomU just as a 2 port router. It has two VIFs* connected to brint and brext - you can run whatever OS or firewall appliance you like/have the skills to setup and manage for this (I just use Shorewall and Debian, others prefer something 'packaged'). * Actually, one interface was for a while a native NIC made available by PCI passthrough - but the principal is the same. -- Simon Hobson Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed author Gladys Hobson. Novels - poetry - short stories - ideal as Christmas stocking fillers. Some available as e-books. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx http://lists.xen.org/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |