
Re: [Xen-users] NAT and bridge at the same time



On Fri, Mar 23, 2007 at 07:54:59AM +0100, carlopmart wrote:
> jez wrote:
> >On Thu, Mar 22, 2007 at 04:37:45PM +0100, carlopmart wrote:
> >> Does somebody know if it is possible (with xen 3.0.3) to use an eth0 host 
> >>interface as a bridge and nat virtual device at the same time for two 
> >>virtual guests (one with nat interface and another as a bridge interface 
> >>)?? How can I do it??
> >>
> >
> >Can you explain the problem you are trying to solve here and explain
> >which traffic is to be bridged and which is to be NAT'd? 
> >
> >Dom0 has only one interface, eth0, is this correct?
> >
> >Are you saying that you want each VM to have two interfaces eth0 and
> >eth1, where eth0 is bridged with the local LAN and eth1 is NAT'd? Or 
> >are you saying that you have two VMs and you want traffic from one VM to
> >be bridged and traffic from the other VM to be NAT'd?
> >
> >What distribution are you running: Debian? Fedora? ...?
> >
> >Please be a lot more specific when you ask for solutions to complicated
> >problems.
> >
>
> Sorry jez ... I will try to explain:
> 
>  Dom0 has only one interface: eth0. I have two VMs and I need to use xenbr0 
> (linked to domU eth0) as a bridge on one VM, and on the other VM another 
> xenbr0 as NAT'd device ...
> 

If you had answered the questions (your problem?, your distro?) you might
have got a better solution. Too late now though ;-)

When you have the time, I recommend you read:

    http://www.catb.org/~esr/faqs/smart-questions.html

The following shows one way to set up a dom0 that has one interface
eth0, and two domUs vm1 and vm2, so that:

    - Traffic from vm1 is bridged with eth0 on dom0
    - Traffic from vm2 is NAT'd on dom0

We will assume that eth0 on dom0 has an address of 172.16.1.1

# cd /etc/xen/scripts 
# cp vif-route vif-myroute

edit /etc/xen/scripts/vif-myroute:

    change:
        main_ip=$(dom0_ip)
    to:
        main_ip=10.0.0.1
        echo 1 > /proc/sys/net/ipv4/ip_forward


config file for vm1 should contain:

    vif = [ '' ]

config file for vm2 should contain: 

    vif = [ 'ip=10.0.0.2,script=vif-myroute' ]


# iptables -t nat -A POSTROUTING -s 10.0.0.2 -o eth0 \
       -j SNAT --to 172.16.1.1


Then start your domUs.

Configure vm2 to have:

    address: 10.0.0.2
    netmask: 255.255.255.252
    gateway: 10.0.0.1

If everything works, then save the iptables rules on dom0:

# /etc/init.d/iptables save

cheers,

jez

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
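
An added example, not part of jez's message or of the Xen scripts: a shell check that the vm2 addressing and the SNAT rule from the walkthrough above are consistent with each other. SAMPLE_NAT is constructed `iptables-save -t nat` output and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample: what `iptables-save -t nat` prints for the SNAT rule
# in the walkthrough (iptables-save writes --to as --to-source and adds /32).
SAMPLE_NAT='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 10.0.0.2/32 -o eth0 -j SNAT --to-source 172.16.1.1
COMMIT'

# ip_to_int A.B.C.D : print the address as a 32-bit integer
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# same_subnet ADDR GATEWAY NETMASK : succeed if both addresses share a subnet
same_subnet() {
    a=$(ip_to_int "$1"); g=$(ip_to_int "$2"); m=$(ip_to_int "$3")
    [ $(( a & m )) -eq $(( g & m )) ]
}

# has_snat_rule RULES SRC OUT_IF TO : succeed if RULES contains a POSTROUTING
# SNAT rule limited to exactly that source, output interface and NAT address
has_snat_rule() {
    printf '%s\n' "$1" | awk -v src="$2" -v oif="$3" -v to="$4" '
        $1 == "-A" && $2 == "POSTROUTING" {
            s = o = j = t = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") s = $(i + 1)
                if ($i == "-o") o = $(i + 1)
                if ($i == "-j") j = $(i + 1)
                if ($i == "--to-source" || $i == "--to") t = $(i + 1)
            }
            sub(/\/32$/, "", s)   # normalise a host /32 to a bare address
            if (s == src && o == oif && j == "SNAT" && t == to) found = 1
        }
        END { exit (found ? 0 : 1) }'
}
```

On a live dom0, pass "$(iptables-save -t nat)" to has_snat_rule in place of SAMPLE_NAT.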


 

