
Re: [Xen-users] Xen on multiple public IP's


  • To: "mrkris@xxxxxxxxxx" <mrkris@xxxxxxxxxx>
  • From: "Eric Peterson" <srcfoo@xxxxxxxxx>
  • Date: Mon, 20 Mar 2006 13:11:48 -0600
  • Cc: xen-users@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Mon, 20 Mar 2006 19:13:14 +0000
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

On 3/20/06, mrkris@xxxxxxxxxx <mrkris@xxxxxxxxxx> wrote:
> > On 3/20/06, mrkris@xxxxxxxxxx <mrkris@xxxxxxxxxx> wrote:
> >> Hiya list,
> >>
> >> I am new to XEN and have been pulling out my hair trying to figure this
> >> out. I have 25+ dedicated public IP's and a very nice server. I have
> >> always been a security nut running openbsd as my primary server
> >> operating
> >> system, until I found XEN. I love XEN thus far and its stability, but I
> >> can't seem to get this working properly.
> >>
> >> I want each separate dom to have a public IP. I have read the docs,
> >> followed the tutorial here:
> >>
> >> http://www.debian-administration.org/articles/360
> >>
> >> I can't seem to get networking functioning properly on it. Do I want
> >> bridge or route? Any help would be appreciated. If you need any
> >> particular
> >> info, please let me know.
> >>
> >> thanks.
> >> mrkris
> >
> > You would just need to run in bridge mode with each domU having an IP
> > in the public range.  I would personally set up a firewall that mapped
> > public IPs to nat-ed addresses, but that's just me.
> >
> > In your Xen scripts for each domU, are you giving them a public IP like
> > this:
> >
> > # Network
> > ip = "192.168.1.97"   # Pretend this is public
> > netmask = "255.255.255.0"
> > gateway = "192.168.1.1"
> >
> >
> > Are the domU machines being given IPs that are part of the same subnet
> > as dom0? You will need to do this for bridged networking to work out
> > of the box.
> >
>
> I am using Steve from steve.org.uk's xen scripts to generate the doms. I
> do assign them a public ip with the appropriate ip, netmask and gateway.
> Every IP on the system is sequential. x.x.x.230 is the system. If I read
> the docs correctly, then x.x.x.231 would be the bridge ip, then x.x.x.232+
> would be assigned to each dom, then each dom would have their gateway set
> as x.x.x.231.
>
> In the xend-config script I am going to want to use:
>
> (network-script network-bridge)
> (vif-bridge xenbr0)
> (vif-script vif-bridge)
>
> This correct?
>
> Thanks,
> mrkris

Well, I want to stress that I'm not saying your config is wrong.  I
haven't set up Xen to work in that way.

My networking is set up the default way using the xen scripts from
source.  So my bridge has no IP, eth0 has an IP on the local
subnet, all vifs are added to the bridge, and my domU domains use the
LAN gateway, not the bridge, to route their traffic.

I originally had a setup similar to yours, but I always had problems
with things coming up automatically.  So I scrapped it and started
over from the source and I've had zero problems since.  I haven't
messed with my networking yet because I have been too busy, but
hopefully soon I will have a little more advanced setup.

I haven't looked at Steve's scripts, but my guess from my own
experience is that using the bridge as your gateway with it having an
IP is messing things up. Have you tried the default xen network
scripts? It sounds like they'll do exactly what you want.

Sorry I can't be of more help.

_Eric

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
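
Added example, not part of the original messages or of the Xen scripts: a check for the point raised in the thread that bridged domUs need an address in dom0's subnet and a gateway on that same LAN. The function names and the dom0 address 192.168.1.230 are assumptions; the sample config reuses the placeholder values quoted above.

```python
import ipaddress
import re

# Constructed sample domU config, using the values quoted in the thread.
SAMPLE_DOMU_CFG = '''
# Network
ip = "192.168.1.97"   # Pretend this is public
netmask = "255.255.255.0"
gateway = "192.168.1.1"
'''

# Matches uncommented ip/netmask/gateway assignments with a quoted value.
_ASSIGN = re.compile(r'^\s*(ip|netmask|gateway)\s*=\s*["\']([^"\']+)["\']', re.M)

def parse_domu_network(cfg_text):
    """Return the ip/netmask/gateway assignments found in a domU config."""
    return {key: value for key, value in _ASSIGN.findall(cfg_text)}

def check_bridged_domu(cfg_text, dom0_ip, dom0_netmask):
    """Return a list of problems; an empty list means the settings fit
    a bridge that carries dom0's subnet."""
    net = parse_domu_network(cfg_text)
    missing = [k for k in ("ip", "netmask", "gateway") if k not in net]
    if missing:
        return ["missing setting: " + ", ".join(missing)]
    try:
        dom0_net = ipaddress.ip_network(f"{dom0_ip}/{dom0_netmask}", strict=False)
        domu_if = ipaddress.ip_interface(f"{net['ip']}/{net['netmask']}")
        gateway = ipaddress.ip_address(net["gateway"])
    except ValueError as exc:
        return [f"unparsable address: {exc}"]
    problems = []
    if domu_if.network != dom0_net:
        problems.append(f"domU network {domu_if.network} differs from dom0 network {dom0_net}")
    if gateway not in domu_if.network:
        problems.append(f"gateway {gateway} is outside {domu_if.network}")
    if gateway == domu_if.ip:
        problems.append("gateway is the domU's own address")
    if domu_if.ip == ipaddress.ip_address(dom0_ip):
        problems.append("domU address collides with dom0")
    return problems

if __name__ == "__main__":
    # Assumed dom0 address on the same placeholder subnet.
    print(check_bridged_domu(SAMPLE_DOMU_CFG, "192.168.1.230", "255.255.255.0") or "ok")
```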


 

