[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] issue with iptables antispoofing rules in xen4.8 generetab by vif-bridge and vif-common.sh



>>>
>>> On a side-note, the recommended way of configuring the network is doing it
>>> manually (i.e. defining the bridge in your OS configuration files). The 
>>> issues
>>> with the script are numerous. For one, you can't do (the equivalent of)
>>> '/etc/init.d/networking restart', because then the Xen script is not run. Or
>>> you iptables state will fail because network devices aren't there yet. Etc.
>>>
>>> See:
>>> https://wiki.xenproject.org/wiki/Xen_Networking#Setting_up_bridged_networking
>>
>> Are you confusing the old 'network-bridge' with 'vif-bridge'?
>>
>> vif-bridge only attaches the dom0 side of the vif to the bridge.
>>
>> Hans
> 
> Oh, ha, apparently I am. Never mind :)
> 
Lucky me, I was about to confess that I have no clue waht you were
talking about ;-)

But still - can anyone confirm the iptables rules as automatically
generated are not working?

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-users

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.