I have DomU instances running on a Dom0 which has a public IP I want to be able to provide internet to these DomU instances also.So I had thought of setting a squid proxy . I am aware of setting IPTABLES I have done it on non xen machines.Some one who have done it on a server that runs Xen please share some thing as how should I go for it. The Dom0 will be having a public IP and I want all the DomU traffic to masquarade through it. Some sample configurations may help. http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html -- Tapas _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Sat, Apr 10, 2010 at 10:42 AM, Tapas Mishra <mightydreams@gmail.com>wrote:> I have DomU instances running on a Dom0 which has a public IP I want > to be able to provide internet to these DomU instances also.So I had > thought of setting a squid proxy . > > I am aware of setting IPTABLES I have done it on non xen machines.Some > one who have done it on a server that runs Xen please share some thing > as how should I go for it. > The Dom0 will be having a public IP and I want all the DomU traffic to > masquarade through it. > Some sample configurations may help. > http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html > -- > Tapas > >Is your intention for those DomU''s to be accessed from the outside or just that they can access the outside? If it''s the latter you can use the network-nat and vif-nat scripts included in Xen. If it''s the former you need to have all DomUs come up on the same bridge, then create a dummy0 interface and add it to that bridge and create firewall rules to direct traffic in and allow it back out. Grant McWilliams Some people, when confronted with a problem, think "I know, I''ll use Windows." Now they have two problems. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
> Is your intention for those DomU''s to be accessed from the outside or just > that they can access the outside? > If it''s the latter you can use the network-nat and vif-nat scripts included > in Xen.It is working I set up squid and NAT using IPTABLES.vif-nat scripts in xen I did not enabled that option. If it''s the former you need to have> all DomUs come up on the same bridge, then create a dummy0 interface and add > it to that bridge and create > firewall rules to direct traffic in and allow it back out.I am working on this one.> > Grant McWilliams > > Some people, when confronted with a problem, think "I know, I''ll use > Windows." > Now they have two problems. > >-- Tapas _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Mon, Apr 12, 2010 at 4:47 AM, Tapas Mishra <mightydreams@gmail.com> wrote:>> Is your intention for those DomU''s to be accessed from the outside or just >> that they can access the outside?Done following article was helpful http://www.debian-administration.org/articles/73>> If it''s the latter you can use the network-nat and vif-nat scripts included >> in Xen. > It is working I set up squid and NAT using IPTABLES.vif-nat scripts in > xen I did not enabled that option.Done.>> Some people, when confronted with a problem, think "I know, I''ll use >> Windows." >> Now they have two problems.-- Tapas +91 8971248477 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users