bofh wrote:
>Question on setting up networking in xen. I want to do the
>following on my laptop:
>
>dom0 is attached to eth0 and ath0.
>
>dom1 is going to by my virtual firewall for all my virtual machines.
> So I assume 3 interfaces, a bridge to eth0, ath0 and a virtual
>interface?
>
>dom2 and so on will route all their traffic through dom1 (through
>the virtual interface)
>
>I''ve read the documentation a few times, and I keep getting lost...
>
>Is there any easy way to set up what would amount to two virtual
switches...?
>
>
>
>To add a wrinkle... :) :)
>
>Would it be possible to set up one more (non-routable) network that
>dom0..domN will all attach to (for sharing files internally,
>obviously)?
All of that is no problem. BTW - it would help to specify what distro
you are using as there are some differences in how it''s set up.
Networking is generally fairly simple in Xen. The most common setup
is that you create one or more bridges in Dom0, attach one or more
physical interfaces to those bridges, and attach clients (DomUs) to
the bridges via virtual interfaces (VIFs).
So, for your setup you''d need three bridges - lets just call them
br0, br1, and br2 though you can call them anything you like (for
example, at work I use ethint, ethext, and ethbak for the internal,
outside, and backend networks).
You''d attach eth0 and ath0 to br0 and this would be your outside
network.
You''d fire up your gateway DomU and connect it to both br0 and br1 -
you''d get vifn.0 and vifn.1 in Dom0 which connect to eth0 and eth1 in
DomU (where n is the Xen vm number).
The DomU can now route/bridge/filter traffic between eth0 and eth1
and that will control how traffic passed between br0 and br1, and
hence between other guests and the outside world.
For your other guests, you would just connect them to br1 and they''d
only have a single interface which will appear as eth0.
For your management lan, you simply add an additional virtual
interface to each guest and connect it to br2.
Advice seem to be to avoid the scripts provided with Xen and setup
your own bridges. Having done it both ways - my older machines do it
with Xen scripts, my newest do it the Debain way - I prefer doing my
own bridges. In Debian it''s as simple (i think) as adding this to
/etc/network/interfaces :
auto br0
iface br0 inet static
bridge_ports eth0 ath0
address 192.168.x.y
netmask 255.255.255.0
This automatically creates br0, gives it an address, and attaches
eth0 and ath0 to it. You need to double check the ath0 stuff, I
vaguely recall issues adding wireless nics to bridges but I don''t
recall what the issues were or if they applied in this sort of
situation.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users