[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Re: number of ips


  • To: Vu Pham <vu@xxxxxxxxxx>
  • From: Anand Gupta <xen.mails@xxxxxxxxx>
  • Date: Sat, 11 Apr 2009 16:22:57 +0530
  • Cc: Xen Users <Xen-users@xxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Sat, 11 Apr 2009 03:53:42 -0700
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=LB7Fco4eLPfkY5Tnhpx0MF3g4YF8tgSdXkdQGJLCEWPkM0ZB1i0AdyFHo/7aE5MNey eHEL0nHqqLJHf/tzOV3c8Y2TSiqJD7zPsrkbGS3ogrG4Jr2md/ikn1R1YDctnPmbtGWu lzdYRwWCngzKTZo81TIzMae+6jTmtlNtR6H6A=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

Hi Vu,

Ofcourse these users are all root users, each domU root user is maintaining their themselves.

Can you recommend how to use iptables to achieve this ? The earlier solutions i seem to have seen are all based on ebtables.

On Sat, Apr 11, 2009 at 5:33 AM, Vu Pham <vu@xxxxxxxxxx> wrote:

Vu Pham wrote:


Anand Gupta wrote:
Hi Vu,

Actually both. I am basically offering vps services. So its critical
for my setup that users use only the ips i have assigned to their
domU. They shouldn't arbitrarily add ip series and start to use them.
Further i have some domU's where i have to add multiple ips for use
inside them.

Are the users just non-root users ? Or are you going to let them access their domU as root accounts so they have systems with all permissions ?

Non-root users cannot assign ip address, I believe.

I click Send to fast. If they are root users, you can set up iptables on dom0 to block them according to the IPs you assign to them. If they assign more, those IPs cannot get out.

Vu



Vu



On 4/11/09, Vu Pham <vu@xxxxxxxxxx> wrote:
Anand Gupta wrote:
Hi Nick,

Thanks for the reply. What if they are on different subnet ? And then
what stops a user inside domU to add any ip in that series (as long as
the ips are assigned and routable to the server) and start to use it ?

On 4/11/09, Nick Anderson <nick@xxxxxxxxxxxx> wrote:
On Sat, Apr 11, 2009 at 01:35:48AM +0530, Anand Gupta wrote:
Hmm... So if i have to assign lets say 6 ips to a domU, what is the
best method to do so ?
 Well if they are all on the same subnet and your using standard
bridging and using a linux domU you should be able to just bring
virtual interfaces.

ifconfig eth0:0 192.168.1.2
ifconfig eth0:1 192.168.1.3
ifconfig eth0:1 192.168.1.4


Hi Anand,

I just want to understand more about your problem. Do you want to be
able to have many IPs on domU or do you worry about users trying to add
too many IPs that can affect the system ?

Thanks,

Vu





_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users




--
regards,

Anand Gupta
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.