[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] advanced bridging...

Sorry for this double post. It was sent from the wrong e-mail address, which I 
realised just too late. You can ignore it and comment on the original post if 
you like instead.

Again, sorry.

Geert

On Saturday 5 May 2007 16:18, Geert Janssens wrote:
> Hi Marc,
>
> I have seen two network diagrams of you passing in the thread already and
> they both helped me understand the Xen networking a lot better.
>
> The first diagram explained how to setup a Xen system with 1 physical NIC,
> where one domU acts as a firewall for the other domU's. In this scenario,
> dom0 is connected to the bridge that links to the unsafe net (the "outside"
> network for the domU firewall).
>
> The second diagram explained who to setup a Xen system with 2 physical
> NICs, dom0 acts as a firewall between the two NICs. It is setup with two
> bridges, one that connects the internet side of the virtual network (first
> physical NIC and first virtual NIC) and one that connects the LAN side of
> the virtual network (seconf physical NIC for the rest of the LAN, second
> virtual NIC for dom0 and virtual NICs for the different domU's).
>
> Unfortunatly, what I am trying to achieve is yet another slight variation.
> See the attached image.
>
> I would like to setup a system with two physical NICs (peth0 and peth1),
> where the firewall runs in domU.
>
> For that I would like to setup two xen bridges.
> The first is on the LAN side, and is a typical Xen bridge: one physical
> NIC, a virtual NIC for dom0 and one for domU.
>
> The second would be on the internet side, but it should NOT have a virtual
> NIC for dom0, only for domU. The idea is that dom0 should not be accessible
> from the internet, only from the LAN.
>
> Is such a setup possible ? And if yes, how ?
>
> Thank you.
>
> Geert Janssens
>
> P.S. in an earlier attempt I tried to eliminate the second bridge
> altogether by assigning peth1 directly to the domU with PCI back.
> Unfortunatly, I can't seem to get PCI back working correctly on my system,
> so I'd like to try this alternative approach.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.