[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Bridging firewall?

> Is it possible with Xen to construct something like the following scenario.
>
> Free/NetBSD (*) domU server running pf or Linux/iptables, acting as a
> routing or bridging firewall for all the other domU guests? Further more
> create virtual DMZ and internal services.
>
> You'd probably keep the dom0 instance otherside this setup, with its own
> filtering arrangement.
>

If you give direct network device access to first domU you can set-up your 
scheme fairly easily. Otherwise (in the standard setup) dom0 will be handling 
all the incomming/outgoing traffic with no involvment from first domU (so no 
firewall possible there). 

Cheers
Gregor

> For instance, you have a subnet 192.168.1.0/24.  Put the dom0 on
> 192.168.1.254. Have the firewall router domU running on 192.168.1.1 and
> acting as the gateway for all the other machines on the subnet.
>
>
> (*) This is my dream, using pf for security and debian for serving the
> applications. ;)
>
> Nicholas
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
> Tool for open source databases. Create drag-&-drop reports. Save time
> by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
> Download a FREE copy at http://www.intelliview.com/go/osdn_nl
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/xen-devel

-- 
Quidquid latine dictum sit, altum viditur --- Anon


-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.