[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Re: Network isolation - PCI passthrough question



Jean Baptiste FAVRE wrote:

I don't care about dom0 network as it's just near me (test machine) :)
But I do care about domU network and I'm not sure I understand your "vif
bridged on lo-device".

I'd suggest you try manually creating a bridge with no network interfaces attached to it*. You can add an IP address directly to the bridge interface, and then the Dom0 and any DomUs you attach to it can communicate between themselves. But with no external interface attached to the bridge, nothing will have access to an outside network other than through the firewall DomU.

Apart from the lack of external NIC, this is how I run my home network. I do PCI passthrough to hide a NIC (connected to an ADSL modem) from Dom0, and all outside traffic passes though the virtual firewall in order to reach the outside world.

* IRC something like this ought to do it :

brctl addbr br0
ip addr add w.x.y.z/n dev br0
and then specify br0 when configuring VIFs in your guests.

--
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.