hi, -- if this is not the right community, please direct me to the most appropriate, thanks i''m having trouble with installing the unstable xen (i want to check out remus). i''ve cloned the repo, and after using the # make world # make install i don''t get a build of a xen-kernel, but what seems to be a regular kernel. however, if i use the '' KERNELS = "xen0 xenU" '', i get the slim kernels that the README specified. i''m having trouble getting my nics to work with the slim version, and i want to eliminate the option that it''s because of the slim version. my questions: 1. when am i suppose to enter the "make KERNELS=...." ? before/after/with make world and make install? 2. is there a way to avoid downloading the entire git repo of the unpatched kernel during the make? 3. how do i create a non-slim xen kernel? 4. i have multiple eth and peth when running ifconfig. how do get my broadcom drivers to stick to the actual nic and not the bridge? i''m quite new in xen and open-source communities, so any help/guidance/you''re in the wrong place will be appreciated. thanks! _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On EC2, each instance (Xen DomU) gets an internal IP address (usually 10.x.y.z) and also a public IP address which is NAT''ed to the internal IP address. I am assuming that this NAT happens in Dom0. In XCP, the DomU VIFs are directly bridged to the physical network -- this would be the internal IP equivalent. I don''t see any equivalent way to NAT the public IP address to the internal IP address. With xend-style networking it may have been possible to use network-nat or perhaps network-route vi /etc/xen/xend-config.sxp (network-script network-route) #(network-script network-bridge) #(network-script network-nat) Is it possible in XCP? Thanks -- CV _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Unless I''m reading something wrong here, I can''t figure out why you''d want a private IP NATted to a dedicated public IP for the DomU. If you''re going to use the DomUs as NATted workstations, just put the whole thing behind a NAT router and you''re done. Vern Burke SwiftWater Telecom http://www.swiftwatertel.com ISP/CLEC Engineering Services Data Center Services Remote Backup Services On 3/14/2010 3:30 PM, C V wrote:> On EC2, each instance (Xen DomU) gets an internal IP address (usually > 10.x.y.z) and also a public IP address which is NAT''ed to the internal > IP address. I am assuming that this NAT happens in Dom0. > > In XCP, the DomU VIFs are directly bridged to the physical network -- > this would be the internal IP equivalent. I don''t see any equivalent way > to NAT the public IP address to the internal IP address. With xend-style > networking it may have been possible to use network-nat or perhaps > network-route > > vi /etc/xen/xend-config.sxp > (network-script network-route) > #(network-script network-bridge) > #(network-script network-nat) > > Is it possible in XCP? > > Thanks > -- > CV > > > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
That works in a single-user usecase. If an ISP wants to replicate the EC2 model and support multiple tenants, then each tenant gets their own public IP and can program their own firewall rules through the API. Most hardware firewalls don''t have APIs to program firewall rules. ________________________________ From: Vern Burke <vburke@skow.net> To: xen-users@lists.xensource.com Sent: Sun, March 14, 2010 12:39:54 PM Subject: Re: [Xen-users] XCP and Amazon EC2-style networking Unless I''m reading something wrong here, I can''t figure out why you''d want a private IP NATted to a dedicated public IP for the DomU. If you''re going to use the DomUs as NATted workstations, just put the whole thing behind a NAT router and you''re done. Vern Burke SwiftWater Telecom http://www.swiftwatertel.com ISP/CLEC Engineering Services Data Center Services Remote Backup Services On 3/14/2010 3:30 PM, C V wrote:> On EC2, each instance (Xen DomU) gets an internal IP address (usually > 10.x.y.z) and also a public IP address which is NAT''ed to the internal > IP address. I am assuming that this NAT happens in Dom0. > > In XCP, the DomU VIFs are directly bridged to the physical network -- > this would be the internal IP equivalent. I don''t see any equivalent way > to NAT the public IP address to the internal IP address. With xend-style > networking it may have been possible to use network-nat or perhaps > network-route > > vi /etc/xen/xend-config.sxp > (network-script network-route) > #(network-script network-bridge) > #(network-script network-nat) > > Is it possible in XCP? > > Thanks > -- > CV > > > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Grant McWilliams
2010-Mar-14 23:46 UTC
Re: [Xen-users] XCP and Amazon EC2-style networking
On Sun, Mar 14, 2010 at 12:30 PM, C V <rayvittal-lists@yahoo.com> wrote:> On EC2, each instance (Xen DomU) gets an internal IP address (usually > 10.x.y.z) and also a public IP address which is NAT''ed to the internal IP > address. I am assuming that this NAT happens in Dom0. > > In XCP, the DomU VIFs are directly bridged to the physical network -- this > would be the internal IP equivalent. I don''t see any equivalent way to NAT > the public IP address to the internal IP address. With xend-style networking > it may have been possible to use network-nat or perhaps network-route > > vi /etc/xen/xend-config.sxp > (network-script network-route) > #(network-script network-bridge) > #(network-script network-nat) > > Is it possible in XCP? > > Thanks > -- > CV > > So really all you want is for your public IP to be routed to your vif andback? Grant McWilliams _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Yes, and also the ability to specify fine-grained firewall rules on the public address. ________________________________ From: Grant McWilliams <grantmasterflash@gmail.com> To: C V <rayvittal-lists@yahoo.com> Cc: xen-users@lists.xensource.com Sent: Sun, March 14, 2010 4:46:02 PM Subject: Re: [Xen-users] XCP and Amazon EC2-style networking On Sun, Mar 14, 2010 at 12:30 PM, C V <rayvittal-lists@yahoo.com> wrote:> >On EC2, each instance (Xen DomU) gets an internal IP address (usually 10.x.y.z) and also a public IP address which is NAT''ed to the internal IP address. I am assuming that this NAT happens in Dom0. > >In XCP, the DomU VIFs are directly bridged to the physical network -- this would be the internal IP equivalent. I don''t see any equivalent way to NAT the public IP address to the internal IP address. With xend-style networking it may have been possible to use network-nat or perhaps network-route > >vi /etc/xen/xend-config.sxp >(network-script network-route) >#(network-script network-bridge) >#(network-script network-nat) > >Is it possible in XCP? > >Thanks >-- >CV > >So really all you want is for your public IP to be routed to your vif and back? Grant McWilliams _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users