Hi, I''m preparing a host to be shipped to a datacentre, with the aim of replicating 2 seperate machines in another datacentre. My question is, do I need 4 public addresses to achieve this? My understanding is I''ll need a public address for the dom0, one for the bridge and then one for each domU. Thanks in advance -- Pete _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Am also interested in this topic :) Am not sure if the bridge needs ip address to be assigned. So 3 public IPs will be enough? BR Peter 2006/11/27, Pete McEvoy <pete@yerma.org>:> Hi, > I''m preparing a host to be shipped to a datacentre, with the aim of > replicating 2 seperate machines in another datacentre. > My question is, do I need 4 public addresses to achieve this? > My understanding is I''ll need a public address for the dom0, one for the > bridge and then one for each domU. > Thanks in advance > > -- > Pete > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users >_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Mon, Nov 27, 2006 at 01:18:16PM +0000, Pete McEvoy wrote:> I''m preparing a host to be shipped to a datacentre, with the aim of > replicating 2 seperate machines in another datacentre. > My question is, do I need 4 public addresses to achieve this? > My understanding is I''ll need a public address for the dom0, one for the > bridge and then one for each domU. > Thanks in advanceI''ve been advised off list to be more specific in my requirements, which I guess is a fair request, the only problem being a lack of knowledge on my part to elaborate further. Up ''til now, I''ve been happily using the vif-bridge script for all my domUs, giving them unallocated ips within 10.0.0.0/16 range. I now need to set up a xen host in a datacentre with each domU having a routable public ip address. The person in the datacentre wants to know how many public ip addresses I require, and I need to make sure I have this box setup correctly before I ship it halfway across the country. I know for sure that I want to end up with the two domUs having their own routable public ip addresses, and I assume the dom0 would need its own ip as well, but over and above that, I''m floundering. At this point I probably dont need to point out that I''d like to keep this setup as simple as possible, I''m cock-eyed from reading the many xen networking guides google finds, and I''m begining to suspect that even what I had assumed would be a fairly trivial setup may be somewhat beyond my complexity horizon. Thanks, again, in advance. -- Pete _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
> From: Pete McEvoy <pete@yerma.org> > Date: November 27, 2006 3:07:49 PM EST (CA) > To: xen-users@lists.xensource.com > Subject: Re: [Xen-users] routed networking > > > On Mon, Nov 27, 2006 at 01:18:16PM +0000, Pete McEvoy wrote: >> I''m preparing a host to be shipped to a datacentre, with the aim of >> replicating 2 seperate machines in another datacentre. >> My question is, do I need 4 public addresses to achieve this? >> My understanding is I''ll need a public address for the dom0, one >> for the >> bridge and then one for each domU. >> Thanks in advance > > I''ve been advised off list to be more specific in my requirements, > which > I guess is a fair request, the only problem being a lack of > knowledge on > my part to elaborate further. > > Up ''til now, I''ve been happily using the vif-bridge script for all my > domUs, giving them unallocated ips within 10.0.0.0/16 range. I now > need > to set up a xen host in a datacentre with each domU having a routable > public ip address. The person in the datacentre wants to know how > many > public ip addresses I require, and I need to make sure I have this box > setup correctly before I ship it halfway across the country. > I know for sure that I want to end up with the two domUs having their > own routable public ip addresses, and I assume the dom0 would need its > own ip as well, but over and above that, I''m floundering. > > At this point I probably dont need to point out that I''d like to keep > this setup as simple as possible, I''m cock-eyed from reading the many > xen networking guides google finds, and I''m begining to suspect that > even what I had assumed would be a fairly trivial setup may be > somewhat > beyond my complexity horizon. > > Thanks, again, in advance. > > -- > PeteI am also new to xen so take with a grain of salt. I found the networking wiki page to be very useful in understanding how xen networking functions: http://wiki.xensource.com/xenwiki/XenNetworking My interpretation of your requirements and this wiki page are: - you want all DomU''s visible to Internet - you want DomU to have a single eth interface - you want to use bridge networking - you don''t mind having Dom0 publicly addressable - xenbr0 (bridge) does not use an IP (as per wiki) Then you should need an IP address for each of the eth interfaces on your physical server and one for each of your DomU vms. For example if your server has a single eth0 interface, you would need 3 IPs for each of Dom0, DomU1 and DomU2. Cheers, Mike. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Mon, Nov 27, 2006 at 03:46:36PM -0500, Michael Froh wrote:> I am also new to xen so take with a grain of salt. I found the networking > wiki > page to be very useful in understanding how xen networking functions: > http://wiki.xensource.com/xenwiki/XenNetworking > My interpretation of your requirements and this wiki page are: > - you want all DomU''s visible to Internet > - you want DomU to have a single eth interface > - you want to use bridge networking > - you don''t mind having Dom0 publicly addressable > - xenbr0 (bridge) does not use an IP (as per wiki) > Then you should need an IP address for each of the eth interfaces on your > physical server and one for each of your DomU vms. For example if your > server has a single eth0 interface, you would need 3 IPs for each of Dom0, > DomU1 and DomU2.Thanks for replying. That pretty much sums it up, so am I to assume its as simple as changing the line I use from (vif-script vif-bridge) to (vif-script vif-route) in xend-config.sxp and configuring my dom0 and domUs in a ''normal'' manner with the 3 ips I''m provided? If so, I feel pretty stupid.. Thanks again. -- Pete _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Mon, Nov 27, 2006 at 08:07:49PM +0000, Pete McEvoy wrote:> Up ''til now, I''ve been happily using the vif-bridge script for all my > domUs, giving them unallocated ips within 10.0.0.0/16 range. I now need > to set up a xen host in a datacentre with each domU having a routable > public ip address. The person in the datacentre wants to know how many > public ip addresses I require, and I need to make sure I have this box > setup correctly before I ship it halfway across the country. > I know for sure that I want to end up with the two domUs having their > own routable public ip addresses, and I assume the dom0 would need its > own ip as well, but over and above that, I''m floundering.So instead of allocating 10.0/16 addresses to your domUs, you just allocate public IPs to your domUs. It might help to think of the bridge as a regular Ethernet switch, and each of the machines (dom0 and domU) as a separate physical machine. Then you just configure each machine as you would normally, and leave the bridge to play Ethernet games in the middle. Using that mental model has never steered me wrong yet. - Matt -- "I''m tempted to try Gentoo, but then I learned that its installer is in Python, and, well, a base Python install on my system is something like fifty megabytes (for what? oh, right, we NEED four XML libraries, I forgot)." -- Dave Brown, ASR _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Tue, Nov 28, 2006 at 08:29:54AM +1100, Matthew Palmer wrote:> So instead of allocating 10.0/16 addresses to your domUs, you just allocate > public IPs to your domUs. > > It might help to think of the bridge as a regular Ethernet switch, and each > of the machines (dom0 and domU) as a separate physical machine. Then you > just configure each machine as you would normally, and leave the bridge to > play Ethernet games in the middle. Using that mental model has never > steered me wrong yet.Thats a nice analogy, thanks. Would it be a reasonable facsimile of routable public ip addressing if I were to add an interface on a spare box I have with the gateway address in the datacentre, configure my xen hosts with the public ip addresses provided, and ensure they can communicate with each other on my internal network? If not, can anyone confirm the following is what I need to do to move from my existing bridge setup using rfc1918 addresses to public routable ips: Change (network-script network-bridge) (vif-script vif-bridge) to (network-script network-route) (vif-script vif-route) in xend-config.sxp Modify each VM config file from vif = ['' bridge=xenbr0'' ] to vif = [ ''ip=mypublicip'' ] Configure dom0 annd domUs normally. Thanks -- Pete _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Mon, Nov 27, 2006 at 10:44:17PM +0000, Pete McEvoy wrote:> On Tue, Nov 28, 2006 at 08:29:54AM +1100, Matthew Palmer wrote: > > So instead of allocating 10.0/16 addresses to your domUs, you just allocate > > public IPs to your domUs. > > > > It might help to think of the bridge as a regular Ethernet switch, and each > > of the machines (dom0 and domU) as a separate physical machine. Then you > > just configure each machine as you would normally, and leave the bridge to > > play Ethernet games in the middle. Using that mental model has never > > steered me wrong yet. > > Thats a nice analogy, thanks. > If not, can anyone confirm the following is what I need to do to move > from my existing bridge setup using rfc1918 addresses to public routable > ips:In case it appears I was being obtuse and not listening to what you told me.. Can I just use the bridge as I have been doing, with no modification to my config at all, just changing the ips within dom0/domU OR, do i need to..> Change > (network-script network-bridge) > (vif-script vif-bridge) > > to > > (network-script network-route) > (vif-script vif-route) > > in xend-config.sxp > > Modify each VM config file from > vif = ['' bridge=xenbr0'' ] > > to > > vif = [ ''ip=mypublicip'' ] > > Configure dom0 annd domUs normally. > > Thanks > > > -- > Pete > > > > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Mon, Nov 27, 2006 at 10:44:17PM +0000, Pete McEvoy wrote:> On Tue, Nov 28, 2006 at 08:29:54AM +1100, Matthew Palmer wrote: > > So instead of allocating 10.0/16 addresses to your domUs, you just allocate > > public IPs to your domUs. > > > > It might help to think of the bridge as a regular Ethernet switch, and each > > of the machines (dom0 and domU) as a separate physical machine. Then you > > just configure each machine as you would normally, and leave the bridge to > > play Ethernet games in the middle. Using that mental model has never > > steered me wrong yet. > > Thats a nice analogy, thanks. > > Would it be a reasonable facsimile of routable public ip addressing if I > were to add an interface on a spare box I have with the gateway address > in the datacentre, configure my xen hosts with the public ip addresses > provided, and ensure they can communicate with each other on my internal > network?Yes.> If not, can anyone confirm the following is what I need to do to move > from my existing bridge setup using rfc1918 addresses to public routable > ips: > > Change > (network-script network-bridge) > (vif-script vif-bridge) > > to > > (network-script network-route) > (vif-script vif-route) > > in xend-config.sxpUnless you''re planning on doing the routing for your IP space on your dom0, I don''t think you want to do this. All of my setups have used an external border router, and all of the domUs and dom0s (and other random machines) have all been on the same ethernet segment. YMMV, though, depending on what your provider plans on doing. - Matt -- I told [my daughter] that if I see her digging a hole that she might not be able to crawl out of, my job isn''t to stand back and say "That''s a *real* nice hole you''re digging there". -- Paul Tomblin, ASR _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Tue, Nov 28, 2006 at 10:33:45AM +1100, Matthew Palmer wrote:> Unless you''re planning on doing the routing for your IP space on your dom0, > I don''t think you want to do this. All of my setups have used an external > border router, and all of the domUs and dom0s (and other random machines) > have all been on the same ethernet segment. YMMV, though, depending on what > your provider plans on doing.Ok, thanks Matthew and everyone else who helped. It''s now sunk in that I dont need to do anything to my working setup other than change the ips appropriately, and the answer to my initial question is I need an ip for each host I plan to have unfettered ip connectivity to, be they dom0 or domUs. Occam''s razor springs to mind. I''d like to add that I''m not a big fan of making myself out to be some sort of cretin who cant read/understand documentation, but the alternative to this would be a day spent travelling to a distant datacentre to fix some silly error. I hope it doesnt seem selfish that I would trade a few moments of your time for a day of mine :) Thanks -- Pete _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On 27-Nov-06, at 4:11 PM, Pete McEvoy wrote:> On Mon, Nov 27, 2006 at 03:46:36PM -0500, Michael Froh wrote: >> I am also new to xen so take with a grain of salt. I found the >> networking >> wiki >> page to be very useful in understanding how xen networking >> functions: >> http://wiki.xensource.com/xenwiki/XenNetworking >> My interpretation of your requirements and this wiki page are: >> - you want all DomU''s visible to Internet >> - you want DomU to have a single eth interface >> - you want to use bridge networking >> - you don''t mind having Dom0 publicly addressable >> - xenbr0 (bridge) does not use an IP (as per wiki) >> Then you should need an IP address for each of the eth >> interfaces on your >> physical server and one for each of your DomU vms. For example >> if your >> server has a single eth0 interface, you would need 3 IPs for >> each of Dom0, >> DomU1 and DomU2. > > Thanks for replying. > That pretty much sums it up, so am I to assume its as simple as > changing the line I use from (vif-script vif-bridge) to (vif-script > vif-route) in xend-config.sxp and configuring my dom0 and domUs in a > ''normal'' manner with the 3 ips I''m provided? > > If so, I feel pretty stupid.. > > Thanks again. > > -- > PeteI don''t think you have to move to the routed xen configuration (I do not have any experience yet). I do know that on my bridged xen machine I can run many vms, all with unique mac addresses and dhcp issued IPs. I can arp/ping between any real host and any virtual machine. The only reason I would see for running the routed xen networking is if there are other xen vms running in bridge mode and there is a MAC address collision on the ISPs LAN. That is, a collision in the IEEE assigned xen MAC address space (00:16:3e:xx:xx:xx). Assuming xen actually assigns MAC addresses randomly, then the chance of a collision is still pretty small given there are over 16 million unique xen MAC addresses. I suppose this would be a reason to have xen randomly assign MACs in an ISP setting to reduce the chance of MAC collision. To do this you just include the "vif = [ '''' ]" line in your vm config. Assuming your ISP is giving you static IPs, you would just bring up eth0 in your vm using normal methods for our linux using the ISP assigned static IP. Mike. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users