
[Xen-users] Questions about bridges, and firewalls: Mandriva and Red Hat-like systems


  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: "Alan Murrell" <lists@xxxxxxxxxx>
  • Date: Wed, 19 Jul 2006 20:43:25 -0700 (PDT)
  • Delivery-date: Wed, 19 Jul 2006 20:48:00 -0700
  • Importance: Normal
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

Hello,

There is currently a lot of info on setting up bridges, networks and
firewall DomU's on Debian-based host systems (Debian, Ubuntu, etc.).  I
would like to do a similar setup on a Mandriva host system (which should,
by extension, be similar for Red Hat, Fedora, and similar systems), as
Mandriva is the distro I use the most (almost exclusively).

I am currently running xen-2.0.7 on a Debian host.  One of my DomU's acts
as a firewall with one of the physical NICs assigned to it (the one for
the Internet connection).

The other two physical NICs in the server are "assigned" to Dom0 and are
attached to bridges for my LAN and DMZ.  The firewall Dom0 is then
attached to the LAN and DMZ bridges so it can route traffic on those
interfaces.

(I have both physical machines and VMs on my LAN segment, hence the bridges
for the LAN and DMZ.)

Now, I am in the process of building up a server using Xen 3.0.2.  The
host OS is Mandriva, which is the distro I use the most.

On my current Debian host, my "/etc/network/interfaces" file looks like this:

--- CUT HERE ---
auto br-adm0
iface br-adm0 inet static
        address 10.253.3.2
        netmask 255.255.255.0
        gateway 10.253.3.1
        bridge_ports dummy0

auto br-dmz0 br-lan0
iface br-lan0 inet manual
        bridge_ports eth0

iface br-dmz0 inet manual
        bridge_ports eth1
--- CUT HERE ---

So I have three "untethered" bridges with a network interface assigned to
each one:

  br-lan0 -> eth0 (for the LAN)
  br-dmz0 -> eth1 (for the DMZ host)
  br-adm0 -> dummy0 (so I can SSH into the host server from the firewall
DomU for administration of the box, creation/management of VMs, etc.)

Each bridge is assigned a static IP address.

On the new host, I have created the following script in "/etc/xen/scripts"
called "my-network-script", and modified the necessary files to allow it
to run (from the example provided at
<http://wiki.xensource.com/xenwiki/XenNetworking>):

--- CUT HERE ---
#!/bin/sh
dir=$(dirname "$0")

"$dir/network-bridge" "$@" netdev=eth0 vifnum=0 bridge=br-lan0
"$dir/network-bridge" "$@" netdev=eth1 vifnum=1 bridge=br-dmz0
"$dir/network-bridge" "$@" netdev=dummy0 vifnum=2 bridge=br-adm0
--- CUT HERE ---

I have also created the appropriate
"/etc/sysconfig/network-scripts/ifcfg-xxx" scripts.

When the system boots, all the proper interfaces, bridges, and vif's get
created.  I am not sure, however, how to get the IP addresses assigned to
the bridges themselves.  For example, if I edit the ifcfg-eth0 script to
assign a static IP address of '10.253.1.2', and reboot the server, the IP
shows up as actually being assigned to "eth0" instead of "br-lan0" (on my
current Debian host, the IP shows up on the "br-lan0" interface).  Is this
correct behaviour in Xen 3.0.2?

If anyone has any other ideas on how to accomplish this (preferably using
the Xen scripts, though modification of them is OK), such advice would be
appreciated.

Thanks, in advance!

-Alan




_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 

