[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] how to provide different Xen subnets access to a DomU-installed NAS?


  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: "snowcrash+xen@xxxxxxxxx" <schneecrash+xen@xxxxxxxxx>
  • Date: Fri, 2 May 2008 07:46:00 -0700
  • Delivery-date: Fri, 02 May 2008 07:46:35 -0700
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; b=Z9XvQdTZJyc/OaCLAaDIm9Nw6c8CjKG20mZdtxFRJMT27mj19TFot0PEqc2n8qlqOiwPrHKRy/73glpq8u5FNKXxX4rrycik0DUzxIKZ8NF9lb6q7Oscq3tJdwiaKg4156Q4zKf3BAfzOG5Fc0GxvEie2dUCX8FRvQDscKidZzY=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

I've a Xen Dom0 with 3 vif-bridges defined, one each for LAN, WAN & DMZ.

A DomU router/firewall routes between the 3.  Works great.

After getting advice from the list, I've settled on an apporach to
file-services; I've launched a storage appliance (OpenFiler) in a
DomU.  For initial access, it attaches to the LAN bridge.

I next want to provide access to the NAS 'bus' from both DMZ & LOC
machines.  Routing across all the storage protocols gets messy quickly
...

I'm thinking that the right apporach is to define another bridge,
solely for the purpose of the NAS traffic, providing private access
*around* the firewall. (Is that, then a 'vlan'?)

If it's viable -- should that bridge be Xen-routed, using static
routes?  If so, at that point I have mixed xen-bridging & -routing ...
should be ok, I think.

There seem to be many ways to achive this; I'm not sure if this
approach is recommended/wise.  Comments?

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.