[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Need support for xen network configuration

To: xen-users@xxxxxxxxxxxxx
From: Alexandre Kouznetsov <alk@xxxxxxxxxx>
Date: Wed, 09 Jul 2014 13:49:11 -0500
Delivery-date: Wed, 09 Jul 2014 18:50:20 +0000
List-id: Xen user discussion <xen-users.lists.xen.org>

Hello.

El 09/07/14 08:00, Fritz Richter escribió:

I have got a debian server with one eth0 attached to it. There are multiple 
networks attached to the server:

- Public IP Adress 1 (single public IP for dom0)
- Public IP Adress 2 (single public IP for one virtual domU)
- Internal IP Network 10.10.10.x (internal live network attached to 1..n domU)
- Internal IP Network 10.10.20.x (internal dev network attached to 1..n domU)


All that on a single physical eth0?

For sake of security, your scenario will be better if you manage to adda second physical interface. Make eth0 to be "internal" and eth1 to be"external".For sake of sanity, separate your different IP networks into differentbroadcast domain, VLAN is the most suitable option if they are to sharethe same physical port.

The very first question is, how to setup the dom0 so that the system is 
prepared to handle all different scenarios)?

First of all, don't set up IP on eth0 directly. Make the bridge to havethe IP on it. I will use the bridge named xenbr0 in my example. Notethat Dom0 don't need to have an IP address in all networks to which youwish to attach DomUs:


auto lo
iface lo inet loopback

#(no eth0 mention at all, xenbr will pick it up)

auto xenbr0
iface xenbr0 inet static
  address 10.10.10.5
  netmask 255.255.255.0
  bridge_ports eth0
  bridge_stp off
  bridge_fd 5

If you still wish your DomU to have a second (public) IP address, add aalias section:


auto xenbr0:0
iface xenbr0:0 inet static
  address   100.0.0.10
  netmask   255.255.255.0
  gateway   100.0.0.1

Then, attach your domU's VIFs to the created bridge. The IP settings ofthe DomU's interfaces should be set up in DomU's OS, just make sure theyare attached to the correct bridge.

Reference: http://wiki.xen.org/wiki/XenNetworking

Note that I have omitted some configuration parameters on theinterfaces. They have valid defaults, no point of setting them specifically.

Once again, I would like to advice against using the same bridge forpublic Internet IP and private LANs. Have internal and external networkson separate physical ports. Have different internal subnets on differentVLANs.


Greetings.


--
Alexandre Kouznetsov


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users

Follow-Ups:
- Re: [Xen-users] Need support for xen network configuration
  - From: Simon Hobson

References:
- [Xen-users] Need support for xen network configuration
  - From: Fritz Richter

Prev by Date: Re: [Xen-users] How to hvm to ivshmem ?
Next by Date: Re: [Xen-users] Need support for xen network configuration
Previous by thread: [Xen-users] Need support for xen network configuration
Next by thread: Re: [Xen-users] Need support for xen network configuration
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.