[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Problem Bridging Connections

Hey, thanks for the reply Simon.

It ended up being a dns resolution problem, I didn't realize it because I was trying to ping domains, my resolv.conf file had the wrong gateway.

I am also not used to the GUI in debian, network-manager kept telling me I was disconnected, turns out interfaces was working all along.

On Mon, Apr 23, 2012 at 4:39 AM, Simon Hobson <linux@xxxxxxxxxxxxxxxx> wrote:
Casey DeLorme wrote:

My objective is to run a HVM PFSense, with eth0 to xenbr0 as WAN and xenbr1 to eth1 as LAN, and I want Dom0 inside the network (part of LAN not WAN).

As far as I can tell it is working, a Windows 7 x64 HVM and a Debian Squeeze HVM both have Internet access using xenbr1, and eth1 is wired to a switch where five additional devices also have Internet access.

However, Dom0 does not receive a connection at all, and has no access inside the LAN or to the Internet.

The basic appearance of my /etc/network/interfaces:

auto lo xenbr0 xenbr1
iface lo inet loopback
iface eth0 inet manual
iface eth1 inet manual
iface xenbr0 inet manual
       bridge_ports eth0
iface xenbr1 inet manual
       bridge_ports eth1

I have tried setting a static IP on xenbr1, and eth1 to no avail. ifconfig sees the values but no access to LAN is available.

You will need an IP address in xenbr1, and I don't think you need the eth<n> entries at all - and don't forget that you'll need a default route via the firewall virtual device.
Do you have communications between Dom0 and the firewall itself ?
Lastly, I think there are options for Xen to add iptables rules to limit traffic on a VIF to just the guests IP address, I assume these aren't turned on ?

Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

Xen-users mailing list

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.