KC LO
2010-Jun-07  19:50 UTC
Re: [Xen-users] Restrict IP addres per DomU guest( Prevent IP conflict)
Thanks all!
I have tried the setup but it does not solve the IP conflict on DomU.  Do
you have any ideas?  BTW, I have disabled iptables on the Dom0 host?  Does
it require iptables running?
My DomU startup script has been modified like this :
disk = [ ''phy:/dev/VolGroup00/centos2,xvda,w'' ]
vif = [ ''ip=111.28.55.32 , mac=00:16:36:0A:B1:1C ,
bridge=eth0'' ]
My brctl show output
[root@localhost xen]# brctl show
bridge name     bridge id               STP enabled     interfaces
eth0            8000.a4badb19e753       no              vif59.0
                                                        vif40.0
                                                        vif37.0
                                                        tap37.0
                                                        vif12.0
                                                        vif5.0
                                                        tap5.0
                                                        vif3.0
                                                        tap3.0
                                                        peth0
virbr0          8000.000000000000       yes
My xm list -l domu on VIF shows like
(device
        (vif
            (bridge eth0)
            (uuid 7b955f3d-6efb-57c4-885e-f48614f8809f)
            (script /etc/xen/scripts/vif-bridge)
            (ip 111.28.55.32)
            (mac 00:16:36:0A:B1:1C)
            (backend 0)
        )
    )
On 20 May 2010 04:33, Matthew Law <matt@webcontracts.co.uk> wrote:
>
> On Wed, May 19, 2010 8:09 pm, KC LO wrote:
> > Hi all,
> >
> > If I have setup multiple DomU guests(like guest1, guest2, guest3) on
top
> > of
> > a Dom0 server, how can I restrict the IP address on guest OS?  For
> > example,
> > guest1 can only use 1.1.1.1.  If the admin of guest1 change the IP
> address
> > other than 1.1.1.1, it will lose connectivity.  In a phycial
environment,
> > I
> > can implement the policy at the ethernet switch to limit the IP
address
> > per
> > port.  Any solution for it?
>
> You could start with something like this:
>
>
>
http://www.standingonthebrink.com/index.php/ipv6-ipv4-and-arp-on-xen-for-vps/
>
>
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users