[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Question about assigning NICS

On Sat, 2005-11-19 at 12:29 +0100, Stephan Seitz wrote:
> i don't see your problem. you surely don't need privileged domU's for
> accessing a NIC at protocol level.

That is my misunderstanding, then; I had read that in another post while
I was searching for Xen + DomU firewall setups.

> if i understand you right, you're going to configure a domU as
> firewall to the internet?


> so, if your ISP provides you with dhcp, the only thing you need is the
> xenbr0 configured as right out of the
> box and one domU configuring it's primary (thou virtual) NIC via dhcp.

Will the domU's NIC (eth0, configured through DHCP) get the IP address
from the ISP or from the DHCP server I currently have on my network?

> at dom0 you'll probably want to setup
> a private net (just keep the nic the xenbr0 is bound to out of use).

My host machine has three NICs.  I currently have the following bridges
and mappings created:

  xen-br-pub -> eth0 (will be the Internet connection)
  xen-br-lan -> eth1 (will be my private network machines)
  xen-br-dmz -> eth2 (will be publicly-accessible machines)

All three NICS are currently "assigned" to dom0, but I want to assign
all of them to the firewall and hide them from domU.  If I do this, will
I still need to create the bridges?

Once I have all three NICs assigned to the firewall domU, I am planning
to create another brdige + dummy interface:

  xen-br-adm -> dummy0

which will connect to a corresponding dummy interface on the firewall so
I can log into domU remotely to manage the different domains, or setup a
new one, if necessary.


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.