Re: [Xen-users] Problem Bridging Connections

[Simon Hobson <linux@xxxxxxxxxxxxxxxx>]

Casey DeLorme wrote:

> My objective is to run a HVM PFSense, with eth0 to xenbr0 as WAN and 
> xenbr1 to eth1 as LAN, and I want Dom0 inside the network (part of 
> LAN not WAN).
> As far as I can tell it is working, a Windows 7 x64 HVM and a Debian 
> Squeeze HVM both have Internet access using xenbr1, and eth1 is 
> wired to a switch where five additional devices also have Internet 
> access.
> However, Dom0 does not receive a connection at all, and has no 
> access inside the LAN or to the Internet.
>
> The basic appearance of my /etc/network/interfaces:
>
> auto lo xenbr0 xenbr1
> iface lo inet loopback
> iface eth0 inet manual
> iface eth1 inet manual
> iface xenbr0 inet manual
>         bridge_ports eth0
> iface xenbr1 inet manual
>         bridge_ports eth1
>
>
> I have tried setting a static IP on xenbr1, and eth1 to no avail. 
> ifconfig sees the values but no access to LAN is available.
You will need an IP address in xenbr1, and I don't think you need the 
eth<n> entries at all - and don't forget that you'll need a default 
route via the firewall virtual device.
Do you have communications between Dom0 and the firewall itself ?
Lastly, I think there are options for Xen to add iptables rules to 
limit traffic on a VIF to just the guests IP address, I assume these 
aren't turned on ?
--
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users