[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Guest Type for Network Management


I'll just answer that part:

> Is it appropriate to include a firewall here or should different guests use
> different firewalls?

Virtualizing some computers is not so different to having small,
concrete computers connected together into a LAN. So the answer is: it
depends ;-)

Having a firewall only in the network domain should spare some CPU
because the filtering is only done once. But this isn't maybe
fine-grained enough.
On the other hand, if your dom0 and domUs are doing very different
businesses, this could be easier to configure a firewall per dom.
And like in a real LAN, it also depends on how you trust every domU.

In your case (a laptop), filtering (and maybe NAT-ing for wireless) in
the network domain could be easier, because you'll have a single point
of configuration & management.


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.