Hi, I''ve read and tried to apply a few howtos without any luck. Does any one have NATing examples for xen 3.4.1? - Brian _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Tapas Mishra
2010-Apr-20 18:28 UTC
Re: [Xen-users] can any one help with NAT using xen 3.4.1
I have natted using Xen it is working I am able to SSh to DomU directly.I have not done reverse NATing. Let me know what you want to do. On Tue, Apr 20, 2010 at 11:31 PM, Brian Krusic <brian@krusic.com> wrote:> Hi, > > I''ve read and tried to apply a few howtos without any luck. > > Does any one have NATing examples for xen 3.4.1? > > > - Brian > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users >-- Tapas http://wiki.xensource.com/xenwiki/Xen_on_4_app_servers +91 8971248477 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Brian Krusic
2010-Apr-20 18:40 UTC
Re: [Xen-users] can any one help with NAT using xen 3.4.1
Awsome! Basically my domU has an IP of say; 10.0.10.200 255.255.0.0 10.0.10.1 Which I cannot change. The rest of my network including my dom0 is in the; 10.10.10.X range 255.255.0.0 10.10.10.1 I would like my network to see that domU as 10.10.10.200, no isolation and would prefer to reach it from my 10.10.10.X net. I setup bridging which seems to work were domU has 2 nics, 10.0.10.200 and 10.10.10.200 but would prefer NATing as my solution could pose unforeseen issue. - Brian On Apr 20, 2010, at 11:28 AM, Tapas Mishra wrote:> I have natted using Xen it is working I am able to SSh to DomU > directly.I have not done reverse NATing. > Let me know what you want to do. > > On Tue, Apr 20, 2010 at 11:31 PM, Brian Krusic <brian@krusic.com> > wrote: >> Hi, >> >> I''ve read and tried to apply a few howtos without any luck. >> >> Does any one have NATing examples for xen 3.4.1? >> >> >> - Brian >> >> >> _______________________________________________ >> Xen-users mailing list >> Xen-users@lists.xensource.com >> http://lists.xensource.com/xen-users >> > > > > -- > Tapas > http://wiki.xensource.com/xenwiki/Xen_on_4_app_servers > +91 8971248477 > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Tapas Mishra
2010-Apr-21 03:33 UTC
Re: [Xen-users] can any one help with NAT using xen 3.4.1
> > How will packets then know to go from 10.10.10.200 which is what the world > thinks my domU is to 10.0.10.200 which is my internal domU IP as config''d > via its network scripts?I am a bit confused on your question is DomU on a different subnet than the LAN . 10.10.10.200 and 10.0.100.200 are both DomU how can you have 2 IPs on different subnet to your DomU are you using 2 LAN cards.If that is the case then you need to setup IPTABLES on Dom0.Even if you choose to isolate that then also IPTABLES you need to setup. Your Dom0 has to be configured to forward the packets coming to 10.10.10.200 to 10.0.100.200 then that means your Dom0 should also be in 10.10.10.x range . If it is a bridge setup you don''t need to do all that simple forwarding will do just check it once by enabling IP FORWARDING if it does not work then go ahead with IPTABLES. I am myself not clear on this part but it seems that Xend daemon takes care of this part at least if both xen dom0 and xen domU are in same subnet otherwise if you check my messages on this list you need to have a dummy bridge and then configure routing from that. But I have seen if you ping from DomU to your network or want to do an SSH and on the other machine you see you will get IP of DomU only. You can use a 3rd machine on your network and login to it via DomU and then type command w to confirm that it is able to know your IP. It is as good as saying that your added a physical machine to your network/ For your DomU the Dom0 will be the gateway that you will have to configure. and DNS will be same as for rest of machines on network,DomU needs to have just the gateway as Dom0 then xend daemon will take care of rest of the things.> Or should I also set the ip in config.sxp as you have written in section E?I have not said to configure IP on config.sxp you need to check vif-bridge and network-bridge words in the two lines there and uncomment if it is a bridged setup. and rest should be commented. -- Tapas +91 8971248477 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Brian Krusic
2010-Apr-21 17:48 UTC
Re: [Xen-users] can any one help with NAT using xen 3.4.1
Hi Tapas, The domU is on a diff subnet then dom0. And I need to keep that domU in its own subnet but not isolated. I would rather only use 1 LAN card on the domU. I''m unsure why I can''t understand how to do this in Xen, I do it all day long with routers, VMware, etc... Basically the domU should appear as 10.10.10.200 to the dom0 subnet while the domU itself remains at 10.0.10.200. - Brian On Apr 20, 2010, at 8:33 PM, Tapas Mishra wrote:>> >> How will packets then know to go from 10.10.10.200 which is what >> the world >> thinks my domU is to 10.0.10.200 which is my internal domU IP as >> config''d >> via its network scripts? > I am a bit confused on your question is DomU on a different subnet > than the LAN . > 10.10.10.200 and 10.0.100.200 are both DomU how can you have 2 IPs on > different subnet to your DomU are you using 2 LAN cards.If that is the > case then you need to setup IPTABLES on Dom0.Even if you choose to > isolate that then also IPTABLES you need to setup. > Your Dom0 has to be configured to forward the packets coming to > 10.10.10.200 to 10.0.100.200 then that means your Dom0 should also be > in 10.10.10.x range . > If it is a bridge setup you don''t need to do all that simple > forwarding will do just check it once by enabling IP FORWARDING if it > does not work then go ahead with IPTABLES. > > I am myself not clear on this part but it seems that Xend daemon > takes care of this part at least if both xen dom0 and xen domU are in > same subnet otherwise if you check my messages on this list you need > to have a dummy bridge and then configure routing from that. > > But I have seen if you ping from DomU to your network or want to do an > SSH and on the other machine you see you will get IP of DomU only. > You can use a 3rd machine on your network and login to it via DomU and > then type command w to confirm that it is able to know your IP. > It is as good as saying that your added a physical machine to your > network/ > > For your DomU the Dom0 will be the gateway that you will have to > configure. > and DNS will be same as for rest of machines on network,DomU needs to > have just the gateway as Dom0 then xend daemon will take care of rest > of the things. > >> Or should I also set the ip in config.sxp as you have written in >> section E? > I have not said to configure IP on config.sxp > you need to check vif-bridge and network-bridge words in the two lines > there and uncomment if it is a bridged setup. > and rest should be commented. > > > -- > Tapas > > +91 8971248477_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Tapas Mishra
2010-Apr-22 01:05 UTC
Re: [Xen-users] can any one help with NAT using xen 3.4.1
What I was suggested by some people on list is to make a dummy network interface and use that in place of netdev=''eth1'' i.e. netdev=''dummy'' http://www.debian-administration.org/articles/470 then use routing etc. On Wed, Apr 21, 2010 at 11:18 PM, Brian Krusic <brian@krusic.com> wrote:> Hi Tapas, > > The domU is on a diff subnet then dom0. > > And I need to keep that domU in its own subnet but not isolated. > > I would rather only use 1 LAN card on the domU. > > I''m unsure why I can''t understand how to do this in Xen, I do it all day > long with routers, VMware, etc... > > Basically the domU should appear as 10.10.10.200 to the dom0 subnet while > the domU itself remains at 10.0.10.200. > > > - Brian > > On Apr 20, 2010, at 8:33 PM, Tapas Mishra wrote: > >>> >>> How will packets then know to go from 10.10.10.200 which is what the >>> world >>> thinks my domU is to 10.0.10.200 which is my internal domU IP as >>> config''d >>> via its network scripts? >> >> I am a bit confused on your question is DomU on a different subnet >> than the LAN . >> 10.10.10.200 and 10.0.100.200 are both DomU how can you have 2 IPs on >> different subnet to your DomU are you using 2 LAN cards.If that is the >> case then you need to setup IPTABLES on Dom0.Even if you choose to >> isolate that then also IPTABLES you need to setup. >> Your Dom0 has to be configured to forward the packets coming to >> 10.10.10.200 to 10.0.100.200 then that means your Dom0 should also be >> in 10.10.10.x range . >> If it is a bridge setup you don''t need to do all that simple >> forwarding will do just check it once by enabling IP FORWARDING if it >> does not work then go ahead with IPTABLES. >> >> I am myself not clear on this part but it seems that Xend daemon >> takes care of this part at least if both xen dom0 and xen domU are in >> same subnet otherwise if you check my messages on this list you need >> to have a dummy bridge and then configure routing from that. >> >> But I have seen if you ping from DomU to your network or want to do an >> SSH and on the other machine you see you will get IP of DomU only. >> You can use a 3rd machine on your network and login to it via DomU and >> then type command w to confirm that it is able to know your IP. >> It is as good as saying that your added a physical machine to your >> network/ >> >> For your DomU the Dom0 will be the gateway that you will have to >> configure. >> and DNS will be same as for rest of machines on network,DomU needs to >> have just the gateway as Dom0 then xend daemon will take care of rest >> of the things. >> >>> Or should I also set the ip in config.sxp as you have written in section >>> E? >> >> I have not said to configure IP on config.sxp >> you need to check vif-bridge and network-bridge words in the two lines >> there and uncomment if it is a bridged setup. >> and rest should be commented. >> >> >> -- >> Tapas >> >> +91 8971248477 > >-- Tapas http://wiki.xensource.com/xenwiki/Xen_on_4_app_servers +91 8971248477 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users