Tony Liao wrote:
> the host service providers route the public ip 74.*.64.64/26
>to physical host(74.*.64.18), but I don''t know how to set these up.
> I searched the internet,and found
>this:http://www.debian-administration.org/articles/360.I trid as the
>article said but fail.
> I think I should setup the gateway first,which will be best
>choice,virtual host or physical host? can do you have examples,no
>mater NAT or BridgeÅB
Since you have multiple public IP''s, I would use
them for any public facing services - so don''t
use NAT. If you want an ''internal'' network with
more devices, then have this separately (and use
NAT for that).
I would use a routed setup - your outside
interface will have address 74.*.64.18, and your
inside interface will have 74.*.64.nn where nn is
any of your usable IPs (personally I would
configure it as 74.*.64.65/26.
I personally would run a dedicated system (either
a small ''real'' box, or a VM guest) just to run
the router, and I would install a firewall on it
(my preference being Shorewall
http://www.shorewall.net). Make all internet
access go through this dedicated box.
You can either ''hide'' the external interface and
make it available directly to your guest (which
is what I have at home), or have a separate xen
bridge with the external interface in it (and not
made available to any other guests).
If you want a ''private'' internal network, then I
would suggest a 3-port firewall setup with
external, dmz, and internal interfaces - and have
xen bridges for dmz and internal (plus external
if you do it that way) networks.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users