|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] NET Network / Server running on internal Network not reachable
On Sat, Jul 12, 2008 at 11:42 PM, Christopher Isip <cmisip@xxxxxxxxx> wrote: I am going to try to see If I can create a domU webserver. I need it to host anyterm. There might be some xen peculiarities at work here that I am not aware of. If I get a working configuration, I can post it here. First I will post a question to the list regarding security of dmz domUs in bridged interfaces. I managed to get a couple of dmz webservers running in xen domUs. I got it done without the use of iptables or ebtables. I used shorewall. Its nowhere as complicated as the shorewall howtos on the net, although I am not sure how secure the setup would be. I have another thread in the list addressing this. My configuration is dom0 with two physical nics. One is pcibacked to an Asterisk/DNS/IPMasq/Firewall/DHCPServer domU. The other (peth0) is bridged to bridge eth0. My local domUs in this machine are connected to the eth0 bridge. The dmz domUs are connected to a bridge with no physical interface enslaved to it (xenbrD). The Asterisk domU has three interfaces then: eth0 - pcibacked nic (external to the internet), eth1 - the vif interface to the bridged nic (connection to local lan) and eth2 - the vif interface connected to the dmz bridge (connection to the dmz domUs). If you want to try this configuration, let me know and I can post the details. I used to have dom0 firewall routing but I dont have that setup anymore although I have some ideas on how it might(?) work. Chris _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |