
Re: [Xen-users] Using both NAT and Bridge networking on the same host

On Sun 27 Jan 2013 12:46:26 CET, Peter Viskup wrote:
> On 01/27/2013 12:01 PM, Andreas Hilboll wrote:
>> Hi,
>> I would like to use bridged networking for some domUs and NAT networking
>> for some other domUs, all on the same dom0. Currently, I only have the
>> bridged guests running. In xend-config.sxp, I'm not using any
>> network-script, as I have done the bridge setup manually. The vif-script
>> is currently set to vif-bridge.
>> Now I want to add some more domUs, but using NAT (I don't have enough
>> public IPs on my hosted server). How can I do this without breaking the
>> bridged networking setup of the already running guests?
>> Or do I have to change to NAT networking altogether?
>> Cheers, Andreas.
>> PS: Running Xen 4.0.1 on Debian Squeeze/AMD64, using xm toolstack
> Hi Andreas,
> it's possible by using the 'script' attribute within the vif
> definition. The xend-config just defines the 'default' script.
> <code>
> vif = ['ip=10.0.0.YZ-AB.CD.EF.GH, vifname=vps-name-pub, script=vif-nat-fw']
> </code>
> The vif-nat-fw is my own script which is configuring the NAT on the
> fly based on the IP pair defined by the 'ip' attribute. Of course you
> can also do the mixed setup with NATed and bridged domains.
> For more information browse the /etc/xen/scripts directory.
> All other questions are welcome. ;-)

Thanks, Peter, works like a charm =)

Next question: I want to run a service on the domU which should be
accessible from the internet. So I guess I have to somehow insert the
appropriate iptables rules. Which would be the place to do that? I guess
you're doing that in your vif-nat-fw script? If so, maybe you would be
willing to share this? Or should I set the rules 'globally' as post-up
in /etc/network/interfaces?

Cheers, Andreas.
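
One way to derive per-domU NAT and port-forward rules from an ip pair like the one in the quoted vif line, as an added example (this is not Peter's vif-nat-fw script, which does not appear in this thread). It assumes the pair has the form `<private>-<public>` and that the FORWARD chain's default policy is DROP; `nat_rules` and `is_ipv4` are hypothetical helper names, and the addresses and interface name are constructed sample values.

```shell
#!/bin/sh
# Prints (does not run) the iptables commands for one NATed domU.
# Assumption: PAIR is "<private>-<public>", the shape of the ip= value quoted above.

is_ipv4() {  # dotted quad with every octet <= 255
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

# usage: nat_rules online|offline PAIR VIFNAME [tcp/PORT|udp/PORT ...]
nat_rules() {
    case "$1" in online) op=-A ;; offline) op=-D ;; *) return 2 ;; esac
    case "$2" in *-*) ;; *) return 2 ;; esac
    priv=${2%%-*}; pub=${2#*-}; vif=$3
    is_ipv4 "$priv" && is_ipv4 "$pub" || return 2
    case "$vif" in ''|*[!A-Za-z0-9_.-]*) return 2 ;; esac
    shift 3
    for svc in "$@"; do  # validate every service before printing anything
        case "$svc" in tcp/*|udp/*) port=${svc#*/} ;; *) return 2 ;; esac
        case "$port" in ''|*[!0-9]*) return 2 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 2
    done
    # Outbound: only the assigned private address may leave this vif
    # (anti-spoofing), and it is source-NATed to its public address.
    echo "iptables $op FORWARD -i $vif -s $priv -j ACCEPT"
    echo "iptables -t nat $op POSTROUTING -s $priv -j SNAT --to-source $pub"
    # Replies to connections the domU itself opened.
    echo "iptables $op FORWARD -o $vif -d $priv -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Inbound: forward only the listed services to the domU.
    for svc in "$@"; do
        proto=${svc%%/*}; port=${svc#*/}
        echo "iptables -t nat $op PREROUTING -d $pub -p $proto --dport $port -j DNAT --to-destination $priv:$port"
        echo "iptables $op FORWARD -o $vif -d $priv -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
}

# Constructed sample values (documentation address range, made-up vif name).
nat_rules online 10.0.0.5-203.0.113.10 vps-web-pub tcp/80 tcp/443
```

The `online`/`offline` argument mirrors what Xen passes to vif hotplug scripts, so the same call with `offline` prints the matching `-D` commands to remove the rules when the domU goes away.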
