Re: [Xen-users] Internet access for host when hosting router/firewall guest

[Simon Hobson <linux@xxxxxxxxxxxxxxxx>]

On 21 Sep 2016, at 01:34, T Coop (13ruce1337) <tagcoop@xxxxxxxxx> wrote:

> For the basics I’m running Debian (Stretch) on a NUC (NUC5PPYH) hosting with 
> Xen 4.0.6-1amd64. The router guest is IPFire. I’m bridging the internal and 
> USB NIC to the guest, which does NAT/DHCP. I’m having trouble with is the 
> host is not able to access the internet. From what I’ve read when bridging, 
> I’m not to give a static IP to the host. I’m trying to access the host via 
> SSH as well. After much trial and failure I’m starting to think I need to 
> create a virtual bridge from the guest to the host.

Short answer - teat the host as you would any other INTERNAL device.

Long answer - you don't apply an IP address to the external network bridge, but 
you do to the internal network bridge. Then you apply firewall rules (in the 
firewall appliance guest) to port forward an external connection to the 
INTERNAL IP of the host.
Basically, imagine if you unravelled all the bits into real components. You'd 
have your internet connection, a network switch, a router box, then another 
network switch - and all your devices would be plugged into that second network 
switch. Your Xen host is just one of those devices and plugs into the internal 
network, and you need port forwarding in the router to get outside connections 
inwards.
Once you have that flow in mind, you can "roll it all up again into the 
virtualised setup you currently have.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
https://lists.xen.org/xen-users