Hello, I am looking for a way to bind the vncserver of xen machine not to localhost but to my management LAN. I cant find anything about that in the documentation. Can someone help me out? Kind regards, Dirk Pol _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Dirk Pol:> I am looking for a way to bind the vncserver of xen machine not to > localhost but to my management LAN.Just start the vncserver on a host of your management LAN. Greetings, Mark Weinem _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
What I mean is: [root@localhost auto]# netstat -na Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 127.0.0.1:5900 0.0.0.0:* LISTEN it is bound to 127.0.0.1:5900 and I want to bind it to 0.0.0.0 so that i can reach it from my management LAN Dirk Pol:> I am looking for a way to bind the vncserver of xen machine not to> localhost but to my management LAN.Just start the vncserver on a host of your management LAN. Greetings, Mark Weinem Met vriendelijke groet, Dirk Pol PE NetLogics B.V. E-mail: dirkpol@netlogics.nl <mailto:dirkpol@netlogics.nl> Internet: http://www.netlogics.nl <http://www.netlogics.nl> ________________________________ Dedicated Hosting - WebHosting - Co-Location - Software Development - Website Development - KPN Business Partner ________________________________ De inhoud van dit bericht en de eventueel daarbij behorende bijlagen zijn persoonlijk gericht aan en derhalve uitsluitend bestemd voor de geadresseerde. Elk gebruik van de inhoud van dit bericht en/of van de daarbij behorende bijlagen door een ander dan en zonder toestemming van de geadresseerde of afzender is onrechtmatig. Heeft u dit bericht ontvangen en bent u niet de geadresseerde, noch bevoegd dit bericht namens geadresseerde te ontvangen, dan verzoeken wij u vriendelijk ons direct op de hoogte te stellen van de ontvangst. Telefoon: +31 (0)481-351799 The contents of this message, as well as any enclosures, are addressed personally to, and thus solely intended for the addressee. Any use of the contents of this message and/or of the enclosures by any other person than and without the permission of the addressee or sender is illegal. If you are neither the intended recipient, nor empowered to receive this message onbehalf of the addressee, please notify us immediately. Telephone: +31 (0)481-351799. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Dirk Pol wrote:> What I mean is: > > > > [root@localhost auto]# netstat -na > > Active Internet connections (servers and established) > > Proto Recv-Q Send-Q Local Address Foreign > Address State > > tcp 0 0 127.0.0.1:5900 > 0.0.0.0:* LISTEN > > > > it is bound to 127.0.0.1:5900 and I want to bind it to 0.0.0.0 so that i > can reach it from my management LAN > > > > > > > > > > > > Dirk Pol: > > > >> I am looking for a way to bind the vncserver of xen machine not to > >> localhost but to my management LAN. > > > > Just start the vncserver on a host of your management LAN. > > > > Greetings, Mark Weinem > > > > > > Met vriendelijke groet, > > Dirk Pol >Hi Dirk, you definitely do not want to do that: it''s as insecure as you can make it. As a solution do from your local client : user@client$ ssh -f -N -L localhost:5900:localhost:5900 username@userdomain user@client$ xvnc4viewer localhost:0 Sincerely, Jan. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hello, I agree with you that it is insecure to bind it to "world". What i realy want is to bind it to my management Vlan where also my ILO network resides. I have 4 phy interfaces available in my xen clustermembers 2 i-scsi 1 management / dom0 1 domU Do i overlook something regarding to the security issue? As i dont run a xserver in my hosting location your reverse ssh solution does not work for me. Kind regards, Dirk Pol -----Original Message----- From: John Smith [mailto:netman1@home.nl] Sent: dinsdag 24 oktober 2006 18:55 To: Dirk Pol Cc: xen-users@lists.xensource.com Subject: Re: [Xen-users] Re: VNC not on Localhost Dirk Pol wrote:> What I mean is: > > > > [root@localhost auto]# netstat -na > > Active Internet connections (servers and established) > > Proto Recv-Q Send-Q Local Address Foreign > Address State > > tcp 0 0 127.0.0.1:5900 > 0.0.0.0:* LISTEN > > > > it is bound to 127.0.0.1:5900 and I want to bind it to 0.0.0.0 so that i > can reach it from my management LAN > > > > > > > > > > > > Dirk Pol: > > > >> I am looking for a way to bind the vncserver of xen machine not to > >> localhost but to my management LAN. > > > > Just start the vncserver on a host of your management LAN. > > > > Greetings, Mark Weinem > > > > > > Met vriendelijke groet, > > Dirk Pol >Hi Dirk, you definitely do not want to do that: it''s as insecure as you can make it. As a solution do from your local client : user@client$ ssh -f -N -L localhost:5900:localhost:5900 username@userdomain user@client$ xvnc4viewer localhost:0 Sincerely, Jan. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hello, I worked it out! I am using a Windows machine to manage the farm. I found out that PuTTy on windows can also do the tunnel trick. Following this document: http://www.cs.uu.nl/technical/services/ssh/putty/puttyfw.html Makes the DomU vncserver port available on my management machine. Where I can connect to localhost:590x for my domU "out-of-band" management. Thanks Jan for Hinting me in the right direction...The framebuffer solution was too complex for me. Regards, Dirk Pol Dirk Pol wrote:> What I mean is: > > > > [root@localhost auto]# netstat -na > > Active Internet connections (servers and established) > > Proto Recv-Q Send-Q Local Address Foreign > Address State > > tcp 0 0 127.0.0.1:5900 > 0.0.0.0:* LISTEN > > > > it is bound to 127.0.0.1:5900 and I want to bind it to 0.0.0.0 so that i > can reach it from my management LAN > > > > > > > > > > > > Dirk Pol: > > > >> I am looking for a way to bind the vncserver of xen machine not to > >> localhost but to my management LAN. > > > > Just start the vncserver on a host of your management LAN. > > > > Greetings, Mark Weinem > > > > > > Met vriendelijke groet, > > Dirk Pol >Hi Dirk, you definitely do not want to do that: it''s as insecure as you can make it. As a solution do from your local client : user@client$ ssh -f -N -L localhost:5900:localhost:5900 username@userdomain user@client$ xvnc4viewer localhost:0 Sincerely, Jan. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users