[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Xen-users] xen bridged network config woes [repost w/apology]

On Mon, 5 Feb 2007 19:43:17 -0800 (PST), "Curtis Doty"
<Curtis@xxxxxxxxxxxx> said:
> Actually it can. If his upstream/ISP was designed by a Cisco engineer for 
> single-server-per-port hosting, then it is conceivable they use "port 
> security" to restrict access.

I just heard back from them. The word is that if an unexpected MAC were
to show up, a security measure in the switch would simply shut it down
until someone from the ISP can look at it. Since that has never
happened, by definition my domU's packets have never even left the box
and reached the switch! They were kind of amazed to find out from me
that Xen makes up MAC addresses that may change for the same IP by
default, and instructed me to define a single MAC address for each IP in
my xen config, and give it to them so that they can tell the switch not
to shut down.

> suggestion to try routing instead.

I don't understand networking very well, which is why I just went with
bridging because I understood from reading the Wiki that it was the
It-Just-Works default. Aside from switching to the routing scripts in my
xend-config.sxp, what do I need to do to make this work?

> Ali, are the other addresses in your /29 netblock also for use only on 
> your one server? (vips)

I'm not sure I understand your question, but I'll try to answer it
anyway. As configured by the host, the IPs were all assigned to my
server, in the rc.local file. 94.226 is my main eth0 IP and the others
are all aliases on eth0:227, eth0:228, eth0:229 and eth0:230. 

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.