I have installed Debian and Xen and 4 Virtual Hosts are up which can be accessed via doing and SSH to Dom0. I have a few questions. 1) I do not want to do an SSH to Dom0 always directly want to access DomU''s how to go for that? 2) Want to have 4 websites running on these 4 virtual hosts but they should be accessible on a public IP which Dom0 has so how should I go for it? _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Grant McWilliams
2010-Apr-10 08:53 UTC
Re: [Xen-users] to access 4 Virtual Hosts from a public IP
On Fri, Apr 9, 2010 at 11:09 PM, Tapas Mishra <mightydreams@gmail.com>wrote:> I have installed Debian and Xen and 4 Virtual Hosts are up which can > be accessed via doing and SSH to Dom0. > I have a few questions. > 1) I do not want to do an SSH to Dom0 always directly want to access > DomU''s how to go for that? > 2) Want to have 4 websites running on these 4 virtual hosts but they > should be accessible on a public IP which Dom0 has so how should I go > for it? > > Completely depends on your internernal network setup. If you have all ofyour vifs on the default bridge then they''ll have addresses on the same range as your Dom0 and the public IPs will have to be routed through to the internal private IPs the same way the Dom0 is. However, if you''ve managed to put all the vifs on their own bridge (different than the one that Dom0''s peth0 is on) then you need to set up iptables to route between the outside interface and the inside interface. Grant McWilliams _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
David Markey
2010-Apr-10 10:16 UTC
Re: [Xen-users] to access 4 Virtual Hosts from a public IP
You could go the iptables route. This should be easy if your DomU''s external access is routed through your Dom0 as a default gw. For HTTP you could also go the reverse proxy route i.e. http://external/internal1 http://external/internal2 If you don''t want to setup iptables and you want a quick fix, you can use socat, On 10 April 2010 09:53, Grant McWilliams <grantmasterflash@gmail.com> wrote:> > On Fri, Apr 9, 2010 at 11:09 PM, Tapas Mishra <mightydreams@gmail.com>wrote: > >> I have installed Debian and Xen and 4 Virtual Hosts are up which can >> be accessed via doing and SSH to Dom0. >> I have a few questions. >> 1) I do not want to do an SSH to Dom0 always directly want to access >> DomU''s how to go for that? >> 2) Want to have 4 websites running on these 4 virtual hosts but they >> should be accessible on a public IP which Dom0 has so how should I go >> for it? >> >> Completely depends on your internernal network setup. If you have all of > your vifs on the default bridge > then they''ll have addresses on the same range as your Dom0 and the public > IPs will have to be routed through to the > internal private IPs the same way the Dom0 is. > > However, if you''ve managed to put all the vifs on their own bridge > (different than the one that Dom0''s peth0 is on) then you need to set up > iptables to route between the outside interface and the inside interface. > > > Grant McWilliams > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users >_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Tapas Mishra
2010-Apr-10 11:29 UTC
Re: [Xen-users] to access 4 Virtual Hosts from a public IP
Ok thanks for this suggestion. I will go by the iptables route. How do I test whether network-script is running or not in Xen Dom0. The problem is before I go on to set NAT I wanted to test bridges. So I renamed the bridge in /etc/xen/xend-config.sxp (network-script ''network-bridge bridge=ABCD'') but when I do a reboot or xend restart and do following openworld:/etc/xen# brctl show bridge name bridge id STP enabled interfaces eth2 8000.0026b9824238 no peth2 vif1.0 vif2.0 vif3.0 vif4.0 openworld:/etc/xen# the bridge is not renamed to ABCD above output is showing eth2 which is not even default. So I doubt that the script network-bridge has not been called so that it renames the bridge or there is some thing else I should look for. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Tapas Mishra
2010-Apr-11 23:11 UTC
[Xen-users] Re: to access 4 Virtual Hosts from a public IP
Thank you all It is working.I used IPTABLES.Each of the Virtual Host is connecting to internet now. On Sun, Apr 11, 2010 at 7:56 PM, Jason Edgecombe <jason@rampaginggeek.com> wrote:> Tapas Mishra wrote: >> >> On Sat, Apr 10, 2010 at 10:50 PM, Jason Edgecombe >> <jason@rampaginggeek.com> wrote: >> >>> >>> ok, I''m a little confused. Please confirm that I understand this >>> correctly. >>> >>> You have 6 hosts: >>> >> >> Right >> >>> >>> two physical machines: A( xenhost dom0) & B (non-xen) >>> >> >> Right >> >>> >>> four xen domU''s: a,b,c,d >>> >> >> Right >> >>> >>> You have two physical networks: Net1 (public internet), and Net2 (private >>> net) >>> >> >> Yes 2 networks >> >>> >>> Xen host A is connected to both Net1 and Net2. >>> >> >> Yes on same interface. >> >>> >>> Host A has a xen bridged >>> >> >> Yes now this is the problem wether bridge is running on it or not I am >> not sure although >> brctl show >> gives an out put bridge name eth2 >> but I am using xen 3.2 and in xen 3.3 and onwards the default name of >> bridge is same as >> the ethernet card. >> >> >>> >>> network with Net2, so that a, b, c, and d are all bridged to Net2. >>> >>> Host B is Net2. >>> >> >> >>> >>> Is this correct? >>> >> >> Yes >> >> Ok by the time you replied I had figured out see if it is right. >> Dom0 is acting as a router here >> as this page says >> dom0 from acting as an IP router: echo 0 > /proc/sys/net/ipv4/ip_forward. >> So the way I explained ssh is working from behind. >> >> Now the thing is I want to go to setup IPTABLES and NAT on Dom0 for >> the virtual hosts. >> I am very well aware of IPTABLES but Xen Dom0 is confusing me. >> I want these virtual hosts to be able to connect to internet as I run >> apt-get >> or commands so I will be creating a squid proxy on Dom0 for >> DomU''s to be behind Dom0 is it possible if yes if you can provide me >> some link that may help me a bit. >> Xen network wiki page talks some thing about ebtables. >> http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html >> Now here is I am confused at ebtables and iptables. >> > > You shouldn''t need to use ebtables. Iptables should work. > > For your situation, you will need "echo 1 > /proc/sys/net/ipv4/ip_forward" > you should be able to to set up a bridge, but use the private NIC instead of > the public NIC on dom0., then just follow a NAT tutorial. > > Leave the ssh forwarding and apache proxy until last. > > Jason >-- Tapas +91 8971248477 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users