John R. Shannon
2006-Jan-04 12:56 UTC
Re: [Xen-users] so easy - but.. multiple NIC''s in domU
On Wednesday 04 January 2006 07:24, Mathias Diehl wrote:> Hi List, > > I searched the web and losts of posts in this list to get a network running > on my xen box. Using xen3.0 on debian sarge worked quite fine and I also > understood all the networking / bridging stuff... (thanx to many posts and > howto''s).It''s easy. He''s an example from one of my domU config files: vif = [ ''mac=aa:00:00:00:00:02, bridge=bridge0'', ''mac=aa:00:00:00:01:02, bridge=bridge1'' ] You don''t have to specify a mac address; one will be assigned for you if you don''t. In dom0 you can include one ethernet interface in bridge0 and another in bridge1. That way you''re bridging all the vif interfaces in bridge0 to one ethernet NIC and all the vif interfaces in bridge1 to a different ethernet NIC. -- John R. Shannon john@johnrshannon.com john.r.shannon@saic.com john.r.shannon@us.army.mil shannonjr@NetBSD.org _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hi List, I searched the web and losts of posts in this list to get a network running on my xen box. Using xen3.0 on debian sarge worked quite fine and I also understood all the networking / bridging stuff... (thanx to many posts and howto''s). As I''m still quite new to linux and did most things following a step by step guideline I face a little problem. How to define more than one nic in a domU. Well, I found the entry "nic=1" in my domU config file - but how to allocate an IP, netmask,.... to nic 2, 3, ... The Scenario to build is like that: ---eth0--(hidden in dom0)---domU (firewall)--+---DMZ1 (domU) + + : : : +---DMZ2 (domU) : : : : : +--------------+---LAN1 (domU) : : : +---LANn (domU) : : to other xen box-eth1-------+----------------+--Client1 (domU) : +--Clientn (domU) So actually I would like to route all incomming traffic to my firewall domU and from there to subnet 1 (DMZ), subnet 2 (my own LAN) and subnet 3 (a clients LAN). BTW, I remeber some posts about allocating a domU to a certain bridge (or better: virtual switch). Do I just have to enter the vif according to my needs in the domU''s config file? And - last question: how secure is it, that a domU attached to vifA will not be able to contact a domU attached to vifB if my firewall does block this connection (here: that my LAN is not visible for the clients network). Thanx in advance _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
H List, well... I still don''t understand - maybe too simple? I mean, if I have only one NIC in domU I use somthing like nics=1 vif = [''bridge=xenintbr''] dhcp ="off" ip="192.168.1.2" netmask="255.255.255.0" gateway="192.168.1.1" If I now follow the advise vif = [ ''mac=aa:00:00:00:00:02, bridge=bridge0'', mac=aa:00:00:00:01:02, bridge=bridge1'' ] how do I allocate an IP to each of my NICs connected to a bridge? nics=2 vif = [ ''mac=aa:00:00:00:00:02, bridge=bridge0'', ''mac=aa:00:00:00:01:02, bridge=bridge1'' ] dhcp ="off" ip="192.168.1.2" ip2="192.168.1.3" netmask="255.255.255.0" gateway="192.168.1.1" Or do I just have to edit the /etc/network/interfaces manually?? Got my problem? cheers, Mathias -----Ursprüngliche Nachricht----- Von: John R. Shannon [mailto:john@johnrshannon.com] Gesendet: Mittwoch, 4. Januar 2006 13:57 An: xen-users@lists.xensource.com Betreff: Re: [Xen-users] so easy - but.. multiple NIC''s in domU On Wednesday 04 January 2006 07:24, Mathias Diehl wrote:> Hi List, > > I searched the web and losts of posts in this list to get a networkrunning> on my xen box. Using xen3.0 on debian sarge worked quite fine and I also > understood all the networking / bridging stuff... (thanx to many posts and > howto''s).It''s easy. He''s an example from one of my domU config files: vif = [ ''mac=aa:00:00:00:00:02, bridge=bridge0'', ''mac=aa:00:00:00:01:02, bridge=bridge1'' ] You don''t have to specify a mac address; one will be assigned for you if you don''t. In dom0 you can include one ethernet interface in bridge0 and another in bridge1. That way you''re bridging all the vif interfaces in bridge0 to one ethernet NIC and all the vif interfaces in bridge1 to a different ethernet NIC. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users