[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Problems with network setup
Hi Sebastian, On January 3, 2006 05:15 am, Sebastian Pölsterl wrote: > But I have problems getting the hole network stuff running. The machine > has two NICs, one for PPPoE and one for LAN. I ran into similar issues, and with help from searching various posts on the list as well as direct communication with a couple of people, I was able to some up with a solution.... > Though, I searched the archive and found out that it has something to do > with bridging and routing, I have no clue how to do that. I'm more than happy to help you :-) Here is the solution I implemented, though I am sure there are other ones out there too :-) I am not running IPCop, but am running a Linux firewall as a domU (using a Dom0 kernel, actually...) I tried to get IPCop running once, but never really went too deep into it, and just decided to run a regular Linux box with Shorewall. I did see a post by someone (not sure who, offhand) who was able to hack IPCop to run under Xen. Anyway, here's the solution I implemented: Frist, in looking at your /etc/xen/ipcop file, I notice the following: pci=["00,00,0a", "00,00,0b"] Presumably, these are PCI IDs (from 'lspci'??) of your two NICs you wish to use? I would just hide one of them (the one the Internet will plug into) and bridge the other one, you you can have physical machines be on the same LAN segment as well (via a physical hub/switch). To hide the NIC from Dom0, you need to add a parameter to your 'kernel' line in the /boot/grub/menu.lst file. Let's use, for example, the NIC with PCI ID of '00:00.0a' (though that seems incorrect to me as a PCI ID): kernel /boot/vmlinuz-2.6.11-xen0 root=/dev/hda1 ro console=tty0 max_loop=16 physdev_dom0_hide=(00:00.0a) (Note: The above is of course all on one line, but likely wraps in your mail viewer) You will need to reboot for the above to take effect. You will also need to change your /etc/xen/ipcop file, but we will take care of that in a bit. That takes care of the most complicated part - hiding the NIC to be used for the Internet connectivity from Dom0. The next part is to create the necessary bridge for your LAN. Open /etc/network/interfaces, and put the following: --- CUT HERE --- auto br-lan0 iface br-lan0 inet manual bridge_ports eth0 --- CUT HERE --- Now, in your /etc/xen/ipcop file, you need to make some changes; it should look something like this: --- CUT HERE --- kernel="/boot/vmlinuz-2.4.30-ipcop" memory=32 name="ipcop" disk=['file:/mnt/vserver/images/ipcop.img,sda1,w','file:/mnt/vserver/images/ipcoplog.img,sda2,w'] nics=1 vif=['mac=aa:00:00:00:00:11, bridge=br-lan0'] root="/dev/sda1 ro" extra="3" pci=["00,00,0a"] --- CUT HERE --- Start your IPCop domain and it should work :-) HTH. -Alan _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |