[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Restrict IP addres per DomU guest( Prevent IP conflict)

  • To: matt@xxxxxxxxxxxxxxxxxx
  • From: KC LO <kclo2000@xxxxxxxxx>
  • Date: Tue, 8 Jun 2010 03:50:56 +0800
  • Cc: xen-users@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Mon, 07 Jun 2010 12:52:23 -0700
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:cc:content-type; b=oNVkNd9ZbQ1Ceuq3nycv9FiqCjNF6vM4LBE4Xnoa0HSI7g50xtz8YrUs+uJeB9973d 7nDv1+CcHwujkzcXM8i4tW8y9mjSax9RKo5qiP1vn4OWPfiwLD1MELTRncfWo0qkohUK Riu+Bwmv/DhNHkZXYyCWuab9zkUcQNzl80DMQ=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
Thanks all!
 
I have tried the setup but it does not solve the IP conflict on DomU.  Do you have any ideas?  BTW, I have disabled iptables on the Dom0 host?  Does it require iptables running?
 
My DomU startup script has been modified like this :
 
disk = [ 'phy:/dev/VolGroup00/centos2,xvda,w' ]
vif = [ 'ip=111.28.55.32 , mac=00:16:36:0A:B1:1C , bridge=eth0' ]

My brctl show output
[root@localhost xen]# brctl show
bridge name     bridge id               STP enabled     interfaces
eth0            8000.a4badb19e753       no              vif59.0
                                                        vif40.0
                                                        vif37.0
                                                        tap37.0
                                                        vif12.0
                                                        vif5.0
                                                        tap5.0
                                                        vif3.0
                                                        tap3.0
                                                        peth0
virbr0          8000.000000000000       yes
My xm list -l domu on VIF shows like
 
(device
        (vif
            (bridge eth0)
            (uuid 7b955f3d-6efb-57c4-885e-f48614f8809f)
            (script /etc/xen/scripts/vif-bridge)
            (ip 111.28.55.32)
            (mac 00:16:36:0A:B1:1C)
            (backend 0)
        )
    )
 

 
On 20 May 2010 04:33, Matthew Law <matt@xxxxxxxxxxxxxxxxxx> wrote:

On Wed, May 19, 2010 8:09 pm, KC LO wrote:
> Hi all,
>
> If I have setup multiple DomU guests(like guest1, guest2, guest3) on top
> of
> a Dom0 server, how can I restrict the IP address on guest OS?  For
> example,
> guest1 can only use 1.1.1.1.  If the admin of guest1 change the IP address
> other than 1.1.1.1, it will lose connectivity.  In a phycial environment,
> I
> can implement the policy at the ethernet switch to limit the IP address
> per
> port.  Any solution for it?

You could start with something like this:

http://www.standingonthebrink.com/index.php/ipv6-ipv4-and-arp-on-xen-for-vps/


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.