Hi, Can anybody point me in the right direction for getting Ipcop to work with xen? Is it even possible? I have googled and seen a couple of people say they have done it, can anybody just give me a breif idea of what is involved? Many Thanks, Mark _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Fri, 2008-02-29 at 12:22 +0000, Mark Hayward wrote:> Hi, > > Can anybody point me in the right direction for getting Ipcop to work > with xen? Is it even possible? I have googled and seen a couple of > people say they have done it, can anybody just give me a breif idea of > what is involved? > > Many Thanks, > > MarkOn Fri, 2008-02-29 at 12:22 +0000, Mark Hayward wrote:> Hi, > > Can anybody point me in the right direction for getting Ipcop to work > with xen? Is it even possible? I have googled and seen a couple of > people say they have done it, can anybody just give me a breif idea of > what is involved? > > Many Thanks, > > MarkI have it set up on my network. (Gentoo 32-bit with xen 3.1) Unless a recent version of IPCOP changed, you have to use HVM because its using a 2.4 kernel. I''m using 3 network cards on my dom0. NIC 0 -- Default connection and bridge for all other guests besides ipcop. NIC 1 -- Local connection for IPCop (i.e. "green" connection from the system to my switch) NIC 2 -- External connection to IPCop (i.e. "red" connection from the modem to the system) You need to use a custom network script for xen. (If you don''t know how let me know or google it, it''s pretty easy and well documented) The script i use to create the bridges is: #!/bin/sh dir=$(dirname "$0") "$dir/network-bridge" "$@" vifnum=0 netdev=eth0 bridge=xenbr0 "$dir/network-bridge" "$@" vifnum=1 netdev=eth1 bridge=xenbr1 "$dir/network-bridge" "$@" vifnum=2 netdev=eth2 bridge=xenbr2 I do _not_ bring eth2 up on the dom0. If the nic is up, I was unable to get a DHCP address in IPCOP, so make sure it is down. Once the network is setup, just install ipcop as a normal hvm guest putting only xenbr1 and xenbr2 in the config file. I *think* you should be able to do it with only 2 nic''s, but don''t know for sure. I had enough room and nic cards are cheap enough that I didn''t even bother trying with that setup. If you need anything more clear let me know. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hi Jason, Thanks for your help. I am unfortunately running this on a Celeron so I do not have HVM :( I guess that is a show stopper. Thanks, Mark -----Original Message----- From: Jason Solan [mailto:jsolan@jsolan.homelinux.com] Sent: 29 February 2008 13:30 To: Mark Hayward Cc: xen-users@lists.xensource.com Subject: Re: [Xen-users] IPcop in Xen On Fri, 2008-02-29 at 12:22 +0000, Mark Hayward wrote:> Hi, > > Can anybody point me in the right direction for getting Ipcop to work > with xen? Is it even possible? I have googled and seen a couple of > people say they have done it, can anybody just give me a breif idea of > what is involved? > > Many Thanks, > > MarkOn Fri, 2008-02-29 at 12:22 +0000, Mark Hayward wrote:> Hi, > > Can anybody point me in the right direction for getting Ipcop to work > with xen? Is it even possible? I have googled and seen a couple of > people say they have done it, can anybody just give me a breif idea of > what is involved? > > Many Thanks, > > MarkI have it set up on my network. (Gentoo 32-bit with xen 3.1) Unless a recent version of IPCOP changed, you have to use HVM because its using a 2.4 kernel. I''m using 3 network cards on my dom0. NIC 0 -- Default connection and bridge for all other guests besides ipcop. NIC 1 -- Local connection for IPCop (i.e. "green" connection from the system to my switch) NIC 2 -- External connection to IPCop (i.e. "red" connection from the modem to the system) You need to use a custom network script for xen. (If you don''t know how let me know or google it, it''s pretty easy and well documented) The script i use to create the bridges is: #!/bin/sh dir=$(dirname "$0") "$dir/network-bridge" "$@" vifnum=0 netdev=eth0 bridge=xenbr0 "$dir/network-bridge" "$@" vifnum=1 netdev=eth1 bridge=xenbr1 "$dir/network-bridge" "$@" vifnum=2 netdev=eth2 bridge=xenbr2 I do _not_ bring eth2 up on the dom0. If the nic is up, I was unable to get a DHCP address in IPCOP, so make sure it is down. Once the network is setup, just install ipcop as a normal hvm guest putting only xenbr1 and xenbr2 in the config file. I *think* you should be able to do it with only 2 nic''s, but don''t know for sure. I had enough room and nic cards are cheap enough that I didn''t even bother trying with that setup. If you need anything more clear let me know. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
I also have IpCop 1.4.18 running inside a fully virtualized (HVM) domain. I am using CentOS 5.1 / Xen 3.1. I only use two network cards, though, one for the local network (green), and then one for the cable modem (red). The script Jason provided will also work for a two-network card arrangement, just remove the last line. In order to use IpCop as a PV guest, you need to use a newer kernel that can be made xen-aware. I have tried compiling in Xen support into the 2.6.22 kernel used by the IpCop 1.9 that is in development, but so far to no avail. The Xen kernel patches are conflicting with the other patches they apply to the kernel before compiling it). So that just leaves the options of not using the other patches (which I am going to assume are required), or not PV IpCop. If someone can point me in the right direction of just adding the PV drivers (netfront, xennet, vbd, pcifront, etc.), then I will try and make a stab at just compiling those into the kernel, so it can at least know that all of its devices are virtual, even if it thinks it has its own processor. ~Michael _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users