[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] iptables and xen 3.x

To: xen-users@xxxxxxxxxxxxxxxxxxx
From: Andy Smith <andy@xxxxxxxxxxxxxx>
Date: Wed, 29 Mar 2006 20:45:41 +0000
Delivery-date: Wed, 29 Mar 2006 20:47:25 +0000
List-id: Xen user discussion <xen-users.lists.xensource.com>
Openpgp: id=BF15490B; url=http://strugglers.net/~andy/pubkey.asc

On Tue, Mar 28, 2006 at 07:53:17PM +0000, Andy Smith wrote:
> In xen 2.x running a bridged setup I am used to being able to
> firewall off individual domUs from the dom0 using the physdev
> module.
> 
> However with a bridged setup in xen 3.x the physdev on all packets
> seems to be vif0.0 even though I have named vifs that are seeing the
> traffic.  For example:

[...]

> Mar 28 19:49:53 dnuk kernel: DOMU-FWD: IN=xenbr0 OUT=xenbr0 PHYSIN=peth0 
> PHYSOUT=vif0.0 SRC=82.69.129.107 DST=217.147.93.68 LEN=84 TOS=0x00 PREC=0x00 
> TTL=57 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=54341 SEQ=0
> 
> all traffic for all domUs seems to go out of vif0.0!

No answers so maybe I have missed something obvious, but I don't
understand why this works for me with xen 2.0.7.

Do I need to use ebtables now?

Cheers,
Andy

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

References:
- [Xen-users] iptables and xen 3.x
  - From: Andy Smith

Prev by Date: Re: [Xen-users] No dom0/domU ping "out of the box"
Next by Date: [Xen-users] 2.6.16.1 stable only with xen
Previous by thread: [Xen-users] iptables and xen 3.x
Next by thread: [Xen-users] Questions about sedf scheduler
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.