|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-users] Firewall in domU, networking in XEN
Hi all, I want to run XEN on a dedicated server with following structure: dom0 as hypervisor. domU1 as a gateway - firewall, DNS, openVPN and maybe DHCP server. Firewalling via Shorewall. domU2 as internal server with several services (Apache, MySQL available locally) domU3 as DMZ with external Apache server that can be queried from external. users from the outside should connect to OpenVPN at domU1 and have an access to the services on domU2. Apache on domU3 will connect to MySQL at domU2 and present the data to the client. That should ensure better security in case when domU3 is exposed. domU1 should ensure firewalling the system, port forwarding 80 to domU3 and creating a NAT. The physical machine will have one NIC with one public IP. My question, as a XEN beginner: is this config quite feasible ? What should be improved ? Should I use bridged or routed mode in XEN ? I know that I have to enable NIC at domU1 by adding pci and netif=1 parameters to the config. I also found this link:http://www.shorewall.net/3.0/XenMyWay.html In my case I have only one public IP and I don't have wifi zone. I don't want to assign public IP to the domU2, just forward the port. Will assigning the public IP in domU2 improve scalability if we want to add more public-available services ? Any recommended tutorials, howtos ? Thanks Slawek Kosowski _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx http://lists.xen.org/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |