|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Need support for xen network configuration
Simon Hobson <linux@xxxxxxxxxxxxxxxx> writes: > Alexandre Kouznetsov <alk@xxxxxxxxxx> wrote: > >> For sake of security, your scenario will be better if you manage to add a >> second physical interface. Make eth0 to be "internal" and eth1 to be >> "external". >> For sake of sanity, separate your different IP networks into different >> broadcast domain, VLAN is the most suitable option if they are to share the >> same physical port. > > +1 for that > >> If you still wish your DomU to have a second (public) IP address, add a >> alias section: > > Rather than add aliases, AIUI it's now preferred to just add addresses > (whether in the same subnet or a different one). > So something like : > iface eth0 inet static > address 192.168.1.1 > ... > post up ip addr add address 192.168.1.7/24 > post up ip addr add address 10.0.0.1/24 /24? The bridge needs to have the IP addresses, *not* the physical interface. The physical interface needs to be added to the bridge. It does not need to (should not) have an IP address itself. Please be aware that a bridge is a bridge. When you do this, you connect all these different networks with each other. That is probably *not* what you want. See also: http://www.shorewall.net/three-interface.htm -- Knowledge is volatile and fluid. Software is power. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx http://lists.xen.org/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |