[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Firewall in domU, networking in XEN

Walter Robert Ditzler wrote:

the probem i have, for ex, ist he firewall stuff, i mean in our point of
view, a firewall should be seperated by 2 nic's and i assume briged nic on a
xen will cause some difficulties with iptable! even i dont know how you
would quaranty security when all ip packages traverse the same nic!

In this case, the OP only has a NIC for outside (untrusted) traffic. It's afor a hsoted server, so there is no physical network (ie other computers, printers etc) to need a NIC. Since external and internal traffic won't be sharing a NIC, it's not a problem.

He'll have two separate bridges (analogous to two separate physical switches) for 'internal' and DMZ traffic, and either a third bridge or PCI passthrough for the outside traffic.

Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.