Chris Angelico
2011-Sep-09 03:21 UTC
[Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
Hi! I''m looking at installing Xen to play around with Windows as well as Linux, but since it''s a somewhat invasive install, figured it''d be safer to ask some questions first. I have a Linux box that''s running Ubuntu 10.10 happily as a desktop and router. What I''m trying to do is run Windows on it in addition, and have Windows have direct access to the nVidia card - which is what most virtualizers won''t do. But above all, I want to keep the Linux half running. Whatever happens, this is to remain functional as the router. If Windows has a problem, I need to be able to restart it without bringing Linux down. Also, should Xen not work out, I''d like to be able to uninstall it and return to the clean Linux that''s there now. Googling for information on this last point has turned up a number of people who''ve had no trouble, but also a number who did, and I''m not sure if the issues are self-inflicted, nor if they''re only in older versions of Xen. So, in summary: 1) Is it safe and easy to uninstall Xen, leaving Dom0 as the only OS installed? 2) Can a DomU Windows have full access to the hardware? Any other pertinent advice gratefully received. Thanks in advance! Chris Angelico _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Drake Wilson
2011-Sep-09 03:41 UTC
Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
On Friday, September 09, 2011 1:21 PM, "Chris Angelico" <rosuav@gmail.com> wrote:> Hi! I''m looking at installing Xen to play around with Windows as well > as Linux, but since it''s a somewhat invasive install, figured it''d be > safer to ask some questions first. > > I have a Linux box that''s running Ubuntu 10.10 happily as a desktop > and router. What I''m trying to do is run Windows on it in addition, > and have Windows have direct access to the nVidia card - which is what > most virtualizers won''t do. But above all, I want to keep the Linux > half running. Whatever happens, this is to remain functional as the > router. If Windows has a problem, I need to be able to restart it > without bringing Linux down.One of your problems here is that VGA passthrough (at least if you want it to hit the domU''s BIOS) can actually be very hit-or-miss, though it''s gotten much better over time: http://wiki.xensource.com/xenwiki/XenVGAPassthrough The secondary problem with this is that if the Windows half crashes, and you need to restart it, how are you going to access the Xen tools to restart it if Windows took the display adapter with it? These things are often solvable, but it is worth thinking about it in advance (per below).> Also, should Xen not work out, I''d like to be able to uninstall it and > return to the clean Linux that''s there now. Googling for information > on this last point has turned up a number of people who''ve had no > trouble, but also a number who did, and I''m not sure if the issues are > self-inflicted, nor if they''re only in older versions of Xen.Can you describe which trouble you''re worried about in particular, if any? Newer Linux kernels have Xen and non-Xen boot processes that are closer to each other (I''m thinking 3.0.0 particularly; I don''t know what Ubuntu 10.10 has), and with things like UUID-based filesystem detection (which Ubuntu has done as standard for a while, but not necessarily if you started from a much older version) the differences in exposed hardware can often be automatically dealt with. Older Linuxes had specialized Xen versions of the kernel, and so you''d have to change boot configurations around more. In either case it''d be advisable to have a rescue disk handy just in case. But generally speaking switching a Linux system between dom0 and raw is a very reversible operation unless/until you configure it to depend strongly on Xen-specific or very low-level hardware operations.> 2) Can a DomU Windows have full access to the hardware?You should think about what you mean by "full access". You may be able to pass through most of the interface PCI devices and such (with work), but if you will still need access to the Linux half then you must arrange for enough console or network devices to be routed to it for that purpose. Note also that you must have a hardware IOMMU for PCI passthrough to HVM guests, according to http://wiki.xensource.com/xenwiki/XenPCIpassthrough, and I don''t believe Windows can be run paravirtualized since the kernel hasn''t been ported (for obvious reasons). In practice this may mean some fairly high-class hardware, depending on your configuration. FYI, I''m currently gradually in the process of setting up a split server/desktop configuration as well involving splitting up the PCI devices, though both of the larger domains will be domU (with a small dom0) and it''s Debian GNU/Linux all the way through (no Windows---yet; I might wind up spinning up a Windows domU as well but I wouldn''t be giving it the GPU or anything like that). Good luck! ---> Drake Wilson _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Chris Angelico
2011-Sep-09 04:05 UTC
Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
On Fri, Sep 9, 2011 at 1:41 PM, Drake Wilson <drake@dasyatidae.net> wrote:> One of your problems here is that VGA passthrough (at least if you want > it to hit the domU''s BIOS) can actually be very hit-or-miss, though it''s > gotten much better over time: > > http://wiki.xensource.com/xenwiki/XenVGAPassthroughThanks, an excellent document. "Xen VGA graphics passthru is a special form of PCI passthru, and PCI passthru dedicates the PCI device (graphics card) to exactly one single VM." I assume I can switch it to a different VM on the fly? That is, boot with the graphics card dedicated to dom0 Linux, then fire up domU Windows and hand control over.> Can you describe which trouble you''re worried about in particular, if any?Googling for ''xen uninstall'' shows up a variety of people asking similar questions: http://forums.opensuse.org/english/get-technical-help-here/applications/418253-how-uninstall-xen.html - seems to have uninstalled cleanly http://www.linuxformat.com/forums/viewtopic.php?t=377 - not too clear on the question itself there http://ubuntuforums.org/archive/index.php/t-953793.html - required some manual cleanup and not sure if it really cleaned up (dated 2008) http://www.firewall.cx/ftopict-6304.html - no resolution, no responses at all (dated 2009) Not enough weight of evidence to turn me away from Xen, but enough to be concerned about.> Newer Linux kernels have Xen and non-Xen boot processes that are closer to > each other (I''m thinking 3.0.0 particularly; I don''t know what Ubuntu 10.10 > has),According to `uname -a` it''s currently 2.6.35-30-generic. I could upgrade the kernel to version 3 I guess, but I''m not a kernel expert so I''d be navigating unfamiliar waters. It''d be a separate "can I undo this if things go wrong" question all of its own.> and with things like UUID-based filesystem detection (which Ubuntu has > done as standard for a while, but not necessarily if you started from a much > older version) the differences in exposed hardware can often be automatically > dealt with.This particular box is quite new; 10.10 (I don''t like 11.04) was installed fresh on a bare HD. It may have had a kernel upgrade or two but nothing particularly earth-shattering.> Older Linuxes had specialized Xen versions of the kernel, and > so you''d have to change boot configurations around more. In either case it''d be > advisable to have a rescue disk handy just in case. But generally speaking > switching a Linux system between dom0 and raw is a very reversible operation > unless/until you configure it to depend strongly on Xen-specific or very low-level > hardware operations.Thank you. I believe you, for I am sure you would not practice on my inexperience. I wish to do the right thing, and if - I say if - it really is that easy to reverse, the complexity shall be no obstacle to our union. Or something like that. (Pirates of Penzance, if you''re not an opera buff.)>> 2) Can a DomU Windows have full access to the hardware? > > You should think about what you mean by "full access". You may be able to pass > through most of the interface PCI devices and such (with work), but if you will > still need access to the Linux half then you must arrange for enough console or > network devices to be routed to it for that purpose.I want to play graphical Windows games. It''s a 64-bit system with 8GB of RAM and a fairly new nVidia chipset video card (don''t remember the spec atm), so in theory I should be able to give 2-3GB to a 32-bit WinXP and let that run happily, while leaving 5-6GB of real RAM for everything else.> Note also that you must have a hardware IOMMU for PCI passthrough to HVM guests, > according to http://wiki.xensource.com/xenwiki/XenPCIpassthrough, and I don''t > believe Windows can be run paravirtualized since the kernel hasn''t been ported > (for obvious reasons). In practice this may mean some fairly high-class hardware, > depending on your configuration.Hmm. Is there an easy way to check? It''s a high-end Intel motherboard, and a high-end modern CPU, although I don''t have the precise identifiers to hand. I''m not afraid of a bit of complexity, but my areas of expertise are user-level (ring 3) software and networking, not kernels and hypervisors. Much appreciate your help! Chris Angelico _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Scott Damron
2011-Sep-09 04:18 UTC
Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
There are some things you should use dedicated machines for, a gateway is one of those things in my opinion. Why would you run a Xen kernel on your gateway to the internet? Now, I would run a base hypervisor and build my gateway inside of it as a guest, but not vise versa. My two centavos. Scott On Thu, Sep 8, 2011 at 11:05 PM, Chris Angelico <rosuav@gmail.com> wrote:> On Fri, Sep 9, 2011 at 1:41 PM, Drake Wilson <drake@dasyatidae.net> wrote: >> One of your problems here is that VGA passthrough (at least if you want >> it to hit the domU''s BIOS) can actually be very hit-or-miss, though it''s >> gotten much better over time: >> >> http://wiki.xensource.com/xenwiki/XenVGAPassthrough > > Thanks, an excellent document. > > "Xen VGA graphics passthru is a special form of PCI passthru, and PCI > passthru dedicates the PCI device (graphics card) to exactly one > single VM." > > I assume I can switch it to a different VM on the fly? That is, boot > with the graphics card dedicated to dom0 Linux, then fire up domU > Windows and hand control over. > >> Can you describe which trouble you''re worried about in particular, if any? > > Googling for ''xen uninstall'' shows up a variety of people asking > similar questions: > http://forums.opensuse.org/english/get-technical-help-here/applications/418253-how-uninstall-xen.html > - seems to have uninstalled cleanly > http://www.linuxformat.com/forums/viewtopic.php?t=377 - not too clear > on the question itself there > http://ubuntuforums.org/archive/index.php/t-953793.html - required > some manual cleanup and not sure if it really cleaned up (dated 2008) > http://www.firewall.cx/ftopict-6304.html - no resolution, no responses > at all (dated 2009) > > Not enough weight of evidence to turn me away from Xen, but enough to > be concerned about. > >> Newer Linux kernels have Xen and non-Xen boot processes that are closer to >> each other (I''m thinking 3.0.0 particularly; I don''t know what Ubuntu 10.10 >> has), > > According to `uname -a` it''s currently 2.6.35-30-generic. I could > upgrade the kernel to version 3 I guess, but I''m not a kernel expert > so I''d be navigating unfamiliar waters. It''d be a separate "can I undo > this if things go wrong" question all of its own. > >> and with things like UUID-based filesystem detection (which Ubuntu has >> done as standard for a while, but not necessarily if you started from a much >> older version) the differences in exposed hardware can often be automatically >> dealt with. > > This particular box is quite new; 10.10 (I don''t like 11.04) was > installed fresh on a bare HD. It may have had a kernel upgrade or two > but nothing particularly earth-shattering. > >> Older Linuxes had specialized Xen versions of the kernel, and >> so you''d have to change boot configurations around more. In either case it''d be >> advisable to have a rescue disk handy just in case. But generally speaking >> switching a Linux system between dom0 and raw is a very reversible operation >> unless/until you configure it to depend strongly on Xen-specific or very low-level >> hardware operations. > > Thank you. I believe you, for I am sure you would not practice on my > inexperience. I wish to do the right thing, and if - I say if - it > really is that easy to reverse, the complexity shall be no obstacle to > our union. Or something like that. (Pirates of Penzance, if you''re not > an opera buff.) > >>> 2) Can a DomU Windows have full access to the hardware? >> >> You should think about what you mean by "full access". You may be able to pass >> through most of the interface PCI devices and such (with work), but if you will >> still need access to the Linux half then you must arrange for enough console or >> network devices to be routed to it for that purpose. > > I want to play graphical Windows games. It''s a 64-bit system with 8GB > of RAM and a fairly new nVidia chipset video card (don''t remember the > spec atm), so in theory I should be able to give 2-3GB to a 32-bit > WinXP and let that run happily, while leaving 5-6GB of real RAM for > everything else. > >> Note also that you must have a hardware IOMMU for PCI passthrough to HVM guests, >> according to http://wiki.xensource.com/xenwiki/XenPCIpassthrough, and I don''t >> believe Windows can be run paravirtualized since the kernel hasn''t been ported >> (for obvious reasons). In practice this may mean some fairly high-class hardware, >> depending on your configuration. > > Hmm. Is there an easy way to check? It''s a high-end Intel motherboard, > and a high-end modern CPU, although I don''t have the precise > identifiers to hand. > > I''m not afraid of a bit of complexity, but my areas of expertise are > user-level (ring 3) software and networking, not kernels and > hypervisors. Much appreciate your help! > > Chris Angelico > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users >_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Chris Angelico
2011-Sep-09 04:22 UTC
Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
On Fri, Sep 9, 2011 at 2:18 PM, Scott Damron <sdamron@gmail.com> wrote:> There are some things you should use dedicated machines for, a gateway > is one of those things in my opinion. Why would you run a Xen kernel > on your gateway to the internet? Now, I would run a base hypervisor > and build my gateway inside of it as a guest, but not vise versa. My > two centavos.Hah, you''re quite right. It''s not my gateway to the internet; it''s a separate router/firewall/etc for a separate wireless network on which I put any untrusted devices. It''s not of supreme importance, so I can take it down if necessary... but I have reiplophobia. :) Basically, it''s that I''m putting the firewall on "any Linux box I happen to have", rather than making it a dedicated computer. Plus, I needed an excuse to go build myself a hot new computer, and telling myself that it was time the Walled Garden project was completed was strong impetus! ChrisA _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Fajar A. Nugraha
2011-Sep-09 04:32 UTC
Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
On Fri, Sep 9, 2011 at 11:05 AM, Chris Angelico <rosuav@gmail.com> wrote:> On Fri, Sep 9, 2011 at 1:41 PM, Drake Wilson <drake@dasyatidae.net> wrote: >> One of your problems here is that VGA passthrough (at least if you want >> it to hit the domU''s BIOS) can actually be very hit-or-miss, though it''s >> gotten much better over time: >> >> http://wiki.xensource.com/xenwiki/XenVGAPassthrough > > Thanks, an excellent document. > > "Xen VGA graphics passthru is a special form of PCI passthru, and PCI > passthru dedicates the PCI device (graphics card) to exactly one > single VM." > > I assume I can switch it to a different VM on the fly? That is, boot > with the graphics card dedicated to dom0 Linux, then fire up domU > Windows and hand control over.Nope. AFAIK the PCI device has to be hidden from dom0 to make it assignable to domU, and once dom0 uses it (e.g. for console output) there is no way to hide it.> >> Can you describe which trouble you''re worried about in particular, if any? > > Googling for ''xen uninstall'' shows up a variety of people asking > similar questions: > http://forums.opensuse.org/english/get-technical-help-here/applications/418253-how-uninstall-xen.html > - seems to have uninstalled cleanly > http://www.linuxformat.com/forums/viewtopic.php?t=377 - not too clear > on the question itself there > http://ubuntuforums.org/archive/index.php/t-953793.html - required > some manual cleanup and not sure if it really cleaned up (dated 2008) > http://www.firewall.cx/ftopict-6304.html - no resolution, no responses > at all (dated 2009) > > Not enough weight of evidence to turn me away from Xen, but enough to > be concerned about.It ... depends. Generally speaking, if you''re expecting automated install/uninstall which JUST WORKS, I wouldn''t recommend you to use xen. Too many things involved that might require manual intervention, like: - bridged networking. The recommended method now is to create bridges manually - grub config. Entries for native and xen boot is different, and (depending on your kernel version) might require different kernel> I want to play graphical Windows games. It''s a 64-bit system with 8GB > of RAM and a fairly new nVidia chipset video card (don''t remember the > spec atm), so in theory I should be able to give 2-3GB to a 32-bit > WinXP and let that run happily, while leaving 5-6GB of real RAM for > everything else.I''d actually recommend you do something like - use windows as native OS - install virtualbox - setup guests as needed - use firewall on windows side to block all traffic TO windows, but allow everything to guests Simpler, easier to maintain. -- Fajar _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Chris Angelico
2011-Sep-09 04:42 UTC
Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
On Fri, Sep 9, 2011 at 2:32 PM, Fajar A. Nugraha <list@fajar.net> wrote:> AFAIK the PCI device has to be hidden from dom0 to make it assignable > to domU, and once dom0 uses it (e.g. for console output) there is no > way to hide it.Ah, okay. In that case, I may have to poke around with using the onboard video for Linux, and reserve the card for Windows.> I''d actually recommend you do something like > - use windows as native OSI''d rather not, but it''s an option. Tried it last night; for some reason, the XP installer is bombing. Also, I feel rather "dirty" installing real Windows....> - install virtualboxThat''s what I currently am using. VirtualBox is great for most things, but I''m having trouble with games, and I suspect it''s because the virtualized video card is not suitable for all of DirectX.> - setup guests as needed > - use firewall on windows side to block all traffic TO windows, but > allow everything to guestsNot sure what you mean here. Can you elaborate please? ChrisA _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Drake Wilson
2011-Sep-09 05:07 UTC
Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
On Friday, September 09, 2011 2:05 PM, "Chris Angelico" <rosuav@gmail.com> wrote:> I assume I can switch it to a different VM on the fly? That is, boot > with the graphics card dedicated to dom0 Linux, then fire up domU > Windows and hand control over.I''ve successfully done Debian-to-Debian handover of a Radeon card on my machine, but it''s not like a KVM---it''s considerably more involved than that, involving poking various low-level Linux bits on the dom0 before hitting the xm pci-attach button (so to speak), and involving some workarounds regarding PCI interrupts (I had to use pci=nomsi in the domU, but maybe that''s not needed in the long run; I''m still experimenting during my Copious Free Time). There may be easier tools available than what I''m using, but if so I don''t know what they are. Also I''m using passthrough to secondary slot rather than to primary, so the domU BIOS and initial console are on the emulated Cirrus VGA.> http://ubuntuforums.org/archive/index.php/t-953793.html - required > some manual cleanup and not sure if it really cleaned up (dated 2008)The latter looks like ey''s just trying to clean away extra directories, no? That sounds non-critical. (I''m guessing ey''s also not heard of aptitude purge.)> Not enough weight of evidence to turn me away from Xen, but enough to > be concerned about.[...]> According to `uname -a` it''s currently 2.6.35-30-generic. I could > upgrade the kernel to version 3 I guess, but I''m not a kernel expert > so I''d be navigating unfamiliar waters. It''d be a separate "can I undo > this if things go wrong" question all of its own.I''m curious why you don''t just make a bitwise copy of the entire hard drive (or other primary storage) before doing anything. That would be a bit time-consuming and require extra hardware, but it would seem to leave the least room for intractable stuck positions later on while being very straightforward to start with.> Thank you. I believe you, for I am sure you would not practice on my > inexperience.I''m not particularly a Xen master either, mind you, but I''ve installed and uninstalled it on a server box before and the relative difficulty of flipping either way was just picking the right GRUB entry and aptitude install/purge. This was a few years ago, though, and I didn''t set up anything too extensive on it.> I want to play graphical Windows games. It''s a 64-bit system with 8GB > of RAM and a fairly new nVidia chipset video card (don''t remember the > spec atm), so in theory I should be able to give 2-3GB to a 32-bit > WinXP and let that run happily, while leaving 5-6GB of real RAM for > everything else.Maybe. I''m not sure how much I''d trust the combination of passed-through nVidia card and virtual PCI bridge with Windows gaming drivers; I thought those were often more likely to use dirty tricks that might not play well with such an idiosyncratic PCI setup? I have very little contact with Windows these days.> Hmm. Is there an easy way to check? It''s a high-end Intel motherboard, > and a high-end modern CPU, although I don''t have the precise > identifiers to hand.I purchased my hardware specifically targeting having VT-d (Intel IOMMU) support; you might look at http://wiki.xensource.com/xenwiki/VTdHowTo and see whether it sparks anything. On my mainboard (an Asus P8B WS server/workstation-class board) I had to specifically update the BIOS to the latest mid-2011 version and then enable the VT-d feature.> I''m not afraid of a bit of complexity, but my areas of expertise are > user-level (ring 3) software and networking, not kernels and > hypervisors. Much appreciate your help!Simplicity is good. Features are also good. But backups are the best. :-)> Chris Angelico---> Drake Wilson _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Chris Angelico
2011-Sep-09 06:00 UTC
Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
On Fri, Sep 9, 2011 at 3:07 PM, Drake Wilson <drake@dasyatidae.net> wrote:> I''m curious why you don''t just make a bitwise copy of the entire hard drive > (or other primary storage) before doing anything. That would be a bit time-consuming > and require extra hardware, but it would seem to leave the least room for intractable > stuck positions later on while being very straightforward to start with. >That would be a snapshot-in-time, which is a good thing too; what I mean by reverting to the normal state is more along the lines of "get me to the state where I would have been if I''d never installed Xen, but had done all the other things I''ve done with this box". If I install two applications, I normally expect to be able to deinstall one without affecting the other. Not always possible, but that''ll give you more of an idea of what I''m thinking here. Chris Angelico _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Fajar A. Nugraha
2011-Sep-09 06:00 UTC
Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
On Fri, Sep 9, 2011 at 11:42 AM, Chris Angelico <rosuav@gmail.com> wrote:>> I''d actually recommend you do something like >> - use windows as native OS > I''d rather not, but it''s an option. Tried it last night; for some > reason, the XP installer is bombing.XP? With 8G memory? :P I''d use 64bit W7 instead if going Virtualbox route. Even with extra memory use you should still be able to use 5GB or so for guests.> Also, I feel rather "dirty" > installing real Windows....I''d simply use the right tools for the right job. You needed Windows gaming, and AFAIK "real" Windows is the only clean, stable, supported way to get it.> >> - install virtualbox > That''s what I currently am using. VirtualBox is great for most things, > but I''m having trouble with games, and I suspect it''s because the > virtualized video card is not suitable for all of DirectX.Yes, which is why I suggested use native Windows and use virtualbox for Linux and other guests.> >> - setup guests as needed >> - use firewall on windows side to block all traffic TO windows, but >> allow everything to guests > > Not sure what you mean here. Can you elaborate please?It''s optional really. Basically if you limit incoming traffic to Windows you''ll have less vulnerable to remote attacks. Of course it could work just fine even without it. Another option to network setup is using bridge with dummy address. IIRC you could have a bridge with TAP32 (virtual) adapters and real NICs, and setup virtualbox to bridge on that interface. On public-facing interface, use static dummy IP address on Windows side, and use real public IP address on Linux guest. Setup the linux guest to act as firewall/NAT for windows (and other hosts that needs it). -- Fajar _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Chris Angelico
2011-Sep-09 06:04 UTC
Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
On Fri, Sep 9, 2011 at 4:00 PM, Fajar A. Nugraha <list@fajar.net> wrote:> On Fri, Sep 9, 2011 at 11:42 AM, Chris Angelico <rosuav@gmail.com> wrote: >>> I''d actually recommend you do something like >>> - use windows as native OS >> I''d rather not, but it''s an option. Tried it last night; for some >> reason, the XP installer is bombing. > > XP? With 8G memory? :PHeh. That was one of the things I tried - pulled out one of the sticks (it''s 2 x 4GB) - but no change. Far as I know, XP shouldn''t choke on 4GB RAM, although it won''t make optimal use of it all.> I''d use 64bit W7 instead if going Virtualbox route. Even with extra > memory use you should still be able to use 5GB or so for guests.That''s a fair option, I guess. Will have to hunt down a Win7 installer from somewhere. And a license... got plenty of XP sitting around.> It''s optional really. Basically if you limit incoming traffic to > Windows you''ll have less vulnerable to remote attacks. Of course it > could work just fine even without it.Ah. Yeah, I''ll definitely be putting severe firewall restrictions on the Windows box. That''s been my policy for as long as I''ve been in networking, and so far, all the huge newsworthy scares have just passed us by (except for that one time I built a honeypot... fun, though largely useless - p0wned in like 15 seconds, unpatched XP with no service packs). ChrisA _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
jpp@jppozzi.dyndns.org
2011-Sep-09 15:23 UTC
Re: [Xen-users] New to Xen: safety concerns (Linux Dom0, Windows DomU)
Hello,> Hi! I''m looking at installing Xen to play around with Windows as well > as Linux, but since it''s a somewhat invasive install, figured it''d be > safer to ask some questions first. > > I have a Linux box that''s running Ubuntu 10.10 happily as a desktop > and router. What I''m trying to do is run Windows on it in addition, > and have Windows have direct access to the nVidia card - which is what > most virtualizers won''t do. But above all, I want to keep the Linux > half running. Whatever happens, this is to remain functional as the > router. If Windows has a problem, I need to be able to restart it > without bringing Linux down. > > Also, should Xen not work out, I''d like to be able to uninstall it and > return to the clean Linux that''s there now. Googling for information > on this last point has turned up a number of people who''ve had no > trouble, but also a number who did, and I''m not sure if the issues are > self-inflicted, nor if they''re only in older versions of Xen. > > So, in summary: > 1) Is it safe and easy to uninstall Xen, leaving Dom0 as the only OS installed?Xen desinstallation is not even needed, you can boot the system directly on the DOM0 without XEN (standard function ot GRUB). Windows installation should work, the direct access from Windows to the video card is more difficult (PCI passthrough) and I didn''t try it but it should be possible. Regards JPP> 2) Can a DomU Windows have full access to the hardware? >_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users