Hey, I just wrote (well, modified network-bridge) a script to set up private networking. Not sure if anyone else is interested, but it would be nice if this was added into xen. It is very similar to network-bridge, except it doesn''t add peth0 onto the bridge. That is, a bridge is set up and all the vifs get added. In dom0, we just configure veth0 with an ip address and add vif0.0 to the bridge. It works great using network-private and vif-bridge, you get a private network so the domUs and dom0 can communicate with each other, but with no one else (well, depends on config in dom0...). Also, this could replace both network-nat and network-route. After using network-private, it is just a standard 2-card router setup with eth0 outside and veth0 inside. Shorewall or ipmasq or raw iptables commands, or any standard tool can easily be set up. No need to do all that kind of stuff from inside the xen scripts. John _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users