Xen users - Sep 2011 - New to Xen: safety concerns (Linux Dom0, Windows DomU)

Hi! I''m looking at installing Xen to play around with Windows as well
as Linux, but since it''s a somewhat invasive install, figured
it''d be
safer to ask some questions first.

I have a Linux box that''s running Ubuntu 10.10 happily as a desktop
and router. What I''m trying to do is run Windows on it in addition,
and have Windows have direct access to the nVidia card - which is what
most virtualizers won''t do. But above all, I want to keep the Linux
half running. Whatever happens, this is to remain functional as the
router. If Windows has a problem, I need to be able to restart it
without bringing Linux down.

Also, should Xen not work out, I''d like to be able to uninstall it and
return to the clean Linux that''s there now. Googling for information
on this last point has turned up a number of people who''ve had no
trouble, but also a number who did, and I''m not sure if the issues are
self-inflicted, nor if they''re only in older versions of Xen.

So, in summary:
1) Is it safe and easy to uninstall Xen, leaving Dom0 as the only OS installed?
2) Can a DomU Windows have full access to the hardware?

Any other pertinent advice gratefully received. Thanks in advance!

Chris Angelico

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Friday, September 09, 2011 1:21 PM, "Chris Angelico"
<rosuav@gmail.com> wrote:
> Hi! I''m looking at installing Xen to play around with Windows as
well
> as Linux, but since it''s a somewhat invasive install, figured
it''d be
> safer to ask some questions first.
> 
> I have a Linux box that''s running Ubuntu 10.10 happily as a
desktop
> and router. What I''m trying to do is run Windows on it in
addition,
> and have Windows have direct access to the nVidia card - which is what
> most virtualizers won''t do. But above all, I want to keep the
Linux
> half running. Whatever happens, this is to remain functional as the
> router. If Windows has a problem, I need to be able to restart it
> without bringing Linux down.
One of your problems here is that VGA passthrough (at least if you want
it to hit the domU''s BIOS) can actually be very hit-or-miss, though
it''s
gotten much better over time:

  http://wiki.xensource.com/xenwiki/XenVGAPassthrough

The secondary problem with this is that if the Windows half crashes, and
you need to restart it, how are you going to access the Xen tools to
restart it if Windows took the display adapter with it?  These things are
often solvable, but it is worth thinking about it in advance (per below).
> Also, should Xen not work out, I''d like to be able to uninstall it
and
> return to the clean Linux that''s there now. Googling for
information
> on this last point has turned up a number of people who''ve had no
> trouble, but also a number who did, and I''m not sure if the issues
are
> self-inflicted, nor if they''re only in older versions of Xen.
Can you describe which trouble you''re worried about in particular, if
any?

Newer Linux kernels have Xen and non-Xen boot processes that are closer to
each other (I''m thinking 3.0.0 particularly; I don''t know what
Ubuntu 10.10
has), and with things like UUID-based filesystem detection (which Ubuntu has
done as standard for a while, but not necessarily if you started from a much
older version) the differences in exposed hardware can often be automatically
dealt with.  Older Linuxes had specialized Xen versions of the kernel, and
so you''d have to change boot configurations around more.  In either
case it''d be
advisable to have a rescue disk handy just in case.  But generally speaking
switching a Linux system between dom0 and raw is a very reversible operation
unless/until you configure it to depend strongly on Xen-specific or very
low-level
hardware operations.
> 2) Can a DomU Windows have full access to the hardware?
You should think about what you mean by "full access".  You may be
able to pass
through most of the interface PCI devices and such (with work), but if you will
still need access to the Linux half then you must arrange for enough console or
network devices to be routed to it for that purpose.

Note also that you must have a hardware IOMMU for PCI passthrough to HVM guests,
according to http://wiki.xensource.com/xenwiki/XenPCIpassthrough, and I
don''t
believe Windows can be run paravirtualized since the kernel hasn''t been
ported
(for obvious reasons).  In practice this may mean some fairly high-class
hardware,
depending on your configuration.

FYI, I''m currently gradually in the process of setting up a split
server/desktop
configuration as well involving splitting up the PCI devices, though both of the
larger domains will be domU (with a small dom0) and it''s Debian
GNU/Linux all the
way through (no Windows---yet; I might wind up spinning up a Windows domU as
well
but I wouldn''t be giving it the GPU or anything like that).

Good luck!

   ---> Drake Wilson

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Fri, Sep 9, 2011 at 1:41 PM, Drake Wilson <drake@dasyatidae.net>
wrote:
> One of your problems here is that VGA passthrough (at least if you want
> it to hit the domU''s BIOS) can actually be very hit-or-miss,
though it''s
> gotten much better over time:
>
>  http://wiki.xensource.com/xenwiki/XenVGAPassthrough
Thanks, an excellent document.

"Xen VGA graphics passthru is a special form of PCI passthru, and PCI
passthru dedicates the PCI device (graphics card) to exactly one
single VM."

I assume I can switch it to a different VM on the fly? That is, boot
with the graphics card dedicated to dom0 Linux, then fire up domU
Windows and hand control over.
> Can you describe which trouble you''re worried about in particular,
if any?
Googling for ''xen uninstall'' shows up a variety of people
asking
similar questions:
http://forums.opensuse.org/english/get-technical-help-here/applications/418253-how-uninstall-xen.html
- seems to have uninstalled cleanly
http://www.linuxformat.com/forums/viewtopic.php?t=377 - not too clear
on the question itself there
http://ubuntuforums.org/archive/index.php/t-953793.html - required
some manual cleanup and not sure if it really cleaned up (dated 2008)
http://www.firewall.cx/ftopict-6304.html - no resolution, no responses
at all (dated 2009)

Not enough weight of evidence to turn me away from Xen, but enough to
be concerned about.
> Newer Linux kernels have Xen and non-Xen boot processes that are closer to
> each other (I''m thinking 3.0.0 particularly; I don''t know
what Ubuntu 10.10
> has),
According to `uname -a` it''s currently 2.6.35-30-generic. I could
upgrade the kernel to version 3 I guess, but I''m not a kernel expert
so I''d be navigating unfamiliar waters. It''d be a separate
"can I undo
this if things go wrong" question all of its own.
> and with things like UUID-based filesystem detection (which Ubuntu has
> done as standard for a while, but not necessarily if you started from a
much
> older version) the differences in exposed hardware can often be
automatically
> dealt with.
This particular box is quite new; 10.10 (I don''t like 11.04) was
installed fresh on a bare HD. It may have had a kernel upgrade or two
but nothing particularly earth-shattering.
> Older Linuxes had specialized Xen versions of the kernel, and
> so you''d have to change boot configurations around more.  In
either case it''d be
> advisable to have a rescue disk handy just in case.  But generally speaking
> switching a Linux system between dom0 and raw is a very reversible
operation
> unless/until you configure it to depend strongly on Xen-specific or very
low-level
> hardware operations.
Thank you. I believe you, for I am sure you would not practice on my
inexperience. I wish to do the right thing, and if - I say if - it
really is that easy to reverse, the complexity shall be no obstacle to
our union. Or something like that. (Pirates of Penzance, if you''re not
an opera buff.)
>> 2) Can a DomU Windows have full access to the hardware?
>
> You should think about what you mean by "full access".  You may
be able to pass
> through most of the interface PCI devices and such (with work), but if you
will
> still need access to the Linux half then you must arrange for enough
console or
> network devices to be routed to it for that purpose.
I want to play graphical Windows games. It''s a 64-bit system with 8GB
of RAM and a fairly new nVidia chipset video card (don''t remember the
spec atm), so in theory I should be able to give 2-3GB to a 32-bit
WinXP and let that run happily, while leaving 5-6GB of real RAM for
everything else.
> Note also that you must have a hardware IOMMU for PCI passthrough to HVM
guests,
> according to http://wiki.xensource.com/xenwiki/XenPCIpassthrough, and I
don''t
> believe Windows can be run paravirtualized since the kernel hasn''t
been ported
> (for obvious reasons).  In practice this may mean some fairly high-class
hardware,
> depending on your configuration.
Hmm. Is there an easy way to check? It''s a high-end Intel motherboard,
and a high-end modern CPU, although I don''t have the precise
identifiers to hand.

I''m not afraid of a bit of complexity, but my areas of expertise are
user-level (ring 3) software and networking, not kernels and
hypervisors. Much appreciate your help!

Chris Angelico

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

There are some things you should use dedicated machines for, a gateway
is one of those things in my opinion.  Why would you run a Xen kernel
on your gateway to the internet?  Now, I would run a base hypervisor
and build my gateway inside of it as a guest, but not vise versa.  My
two centavos.

Scott

On Thu, Sep 8, 2011 at 11:05 PM, Chris Angelico <rosuav@gmail.com>
wrote:
> On Fri, Sep 9, 2011 at 1:41 PM, Drake Wilson <drake@dasyatidae.net>
wrote:
>> One of your problems here is that VGA passthrough (at least if you want
>> it to hit the domU''s BIOS) can actually be very hit-or-miss,
though it''s
>> gotten much better over time:
>>
>>  http://wiki.xensource.com/xenwiki/XenVGAPassthrough
>
> Thanks, an excellent document.
>
> "Xen VGA graphics passthru is a special form of PCI passthru, and PCI
> passthru dedicates the PCI device (graphics card) to exactly one
> single VM."
>
> I assume I can switch it to a different VM on the fly? That is, boot
> with the graphics card dedicated to dom0 Linux, then fire up domU
> Windows and hand control over.
>
>> Can you describe which trouble you''re worried about in
particular, if any?
>
> Googling for ''xen uninstall'' shows up a variety of people
asking
> similar questions:
>
http://forums.opensuse.org/english/get-technical-help-here/applications/418253-how-uninstall-xen.html
> - seems to have uninstalled cleanly
> http://www.linuxformat.com/forums/viewtopic.php?t=377 - not too clear
> on the question itself there
> http://ubuntuforums.org/archive/index.php/t-953793.html - required
> some manual cleanup and not sure if it really cleaned up (dated 2008)
> http://www.firewall.cx/ftopict-6304.html - no resolution, no responses
> at all (dated 2009)
>
> Not enough weight of evidence to turn me away from Xen, but enough to
> be concerned about.
>
>> Newer Linux kernels have Xen and non-Xen boot processes that are closer
to
>> each other (I''m thinking 3.0.0 particularly; I don''t
know what Ubuntu 10.10
>> has),
>
> According to `uname -a` it''s currently 2.6.35-30-generic. I could
> upgrade the kernel to version 3 I guess, but I''m not a kernel
expert
> so I''d be navigating unfamiliar waters. It''d be a
separate "can I undo
> this if things go wrong" question all of its own.
>
>> and with things like UUID-based filesystem detection (which Ubuntu has
>> done as standard for a while, but not necessarily if you started from a
much
>> older version) the differences in exposed hardware can often be
automatically
>> dealt with.
>
> This particular box is quite new; 10.10 (I don''t like 11.04) was
> installed fresh on a bare HD. It may have had a kernel upgrade or two
> but nothing particularly earth-shattering.
>
>> Older Linuxes had specialized Xen versions of the kernel, and
>> so you''d have to change boot configurations around more.  In
either case it''d be
>> advisable to have a rescue disk handy just in case.  But generally
speaking
>> switching a Linux system between dom0 and raw is a very reversible
operation
>> unless/until you configure it to depend strongly on Xen-specific or
very low-level
>> hardware operations.
>
> Thank you. I believe you, for I am sure you would not practice on my
> inexperience. I wish to do the right thing, and if - I say if - it
> really is that easy to reverse, the complexity shall be no obstacle to
> our union. Or something like that. (Pirates of Penzance, if you''re
not
> an opera buff.)
>
>>> 2) Can a DomU Windows have full access to the hardware?
>>
>> You should think about what you mean by "full access".  You
may be able to pass
>> through most of the interface PCI devices and such (with work), but if
you will
>> still need access to the Linux half then you must arrange for enough
console or
>> network devices to be routed to it for that purpose.
>
> I want to play graphical Windows games. It''s a 64-bit system with
8GB
> of RAM and a fairly new nVidia chipset video card (don''t remember
the
> spec atm), so in theory I should be able to give 2-3GB to a 32-bit
> WinXP and let that run happily, while leaving 5-6GB of real RAM for
> everything else.
>
>> Note also that you must have a hardware IOMMU for PCI passthrough to
HVM guests,
>> according to http://wiki.xensource.com/xenwiki/XenPCIpassthrough, and I
don''t
>> believe Windows can be run paravirtualized since the kernel
hasn''t been ported
>> (for obvious reasons).  In practice this may mean some fairly
high-class hardware,
>> depending on your configuration.
>
> Hmm. Is there an easy way to check? It''s a high-end Intel
motherboard,
> and a high-end modern CPU, although I don''t have the precise
> identifiers to hand.
>
> I''m not afraid of a bit of complexity, but my areas of expertise
are
> user-level (ring 3) software and networking, not kernels and
> hypervisors. Much appreciate your help!
>
> Chris Angelico
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@lists.xensource.com
> http://lists.xensource.com/xen-users
>
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Fri, Sep 9, 2011 at 2:18 PM, Scott Damron <sdamron@gmail.com>
wrote:
> There are some things you should use dedicated machines for, a gateway
> is one of those things in my opinion.  Why would you run a Xen kernel
> on your gateway to the internet?  Now, I would run a base hypervisor
> and build my gateway inside of it as a guest, but not vise versa.  My
> two centavos.
Hah, you''re quite right. It''s not my gateway to the internet;
it''s a
separate router/firewall/etc for a separate wireless network on which
I put any untrusted devices. It''s not of supreme importance, so I can
take it down if necessary... but I have reiplophobia. :)

Basically, it''s that I''m putting the firewall on "any
Linux box I
happen to have", rather than making it a dedicated computer. Plus, I
needed an excuse to go build myself a hot new computer, and telling
myself that it was time the Walled Garden project was completed was
strong impetus!

ChrisA

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Fri, Sep 9, 2011 at 11:05 AM, Chris Angelico <rosuav@gmail.com>
wrote:
> On Fri, Sep 9, 2011 at 1:41 PM, Drake Wilson <drake@dasyatidae.net>
wrote:
>> One of your problems here is that VGA passthrough (at least if you want
>> it to hit the domU''s BIOS) can actually be very hit-or-miss,
though it''s
>> gotten much better over time:
>>
>>  http://wiki.xensource.com/xenwiki/XenVGAPassthrough
>
> Thanks, an excellent document.
>
> "Xen VGA graphics passthru is a special form of PCI passthru, and PCI
> passthru dedicates the PCI device (graphics card) to exactly one
> single VM."
>
> I assume I can switch it to a different VM on the fly? That is, boot
> with the graphics card dedicated to dom0 Linux, then fire up domU
> Windows and hand control over.
Nope.

AFAIK the PCI device has to be hidden from dom0 to make it assignable
to domU, and once dom0 uses it (e.g. for console output) there is no
way to hide it.
>
>> Can you describe which trouble you''re worried about in
particular, if any?
>
> Googling for ''xen uninstall'' shows up a variety of people
asking
> similar questions:
>
http://forums.opensuse.org/english/get-technical-help-here/applications/418253-how-uninstall-xen.html
> - seems to have uninstalled cleanly
> http://www.linuxformat.com/forums/viewtopic.php?t=377 - not too clear
> on the question itself there
> http://ubuntuforums.org/archive/index.php/t-953793.html - required
> some manual cleanup and not sure if it really cleaned up (dated 2008)
> http://www.firewall.cx/ftopict-6304.html - no resolution, no responses
> at all (dated 2009)
>
> Not enough weight of evidence to turn me away from Xen, but enough to
> be concerned about.
It ... depends.

Generally speaking, if you''re expecting automated install/uninstall
which JUST WORKS, I wouldn''t recommend you to use xen. Too many things
involved that might require manual intervention, like:
- bridged networking. The recommended method now is to create bridges manually
- grub config. Entries for native and xen boot is different, and
(depending on your kernel version) might require different kernel
> I want to play graphical Windows games. It''s a 64-bit system with
8GB
> of RAM and a fairly new nVidia chipset video card (don''t remember
the
> spec atm), so in theory I should be able to give 2-3GB to a 32-bit
> WinXP and let that run happily, while leaving 5-6GB of real RAM for
> everything else.
I''d actually recommend you do something like
- use windows as native OS
- install virtualbox
- setup guests as needed
- use firewall on windows side to block all traffic TO windows, but
allow everything to guests

Simpler, easier to maintain.

-- 
Fajar

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Fri, Sep 9, 2011 at 2:32 PM, Fajar A. Nugraha <list@fajar.net>
wrote:
> AFAIK the PCI device has to be hidden from dom0 to make it assignable
> to domU, and once dom0 uses it (e.g. for console output) there is no
> way to hide it.
Ah, okay. In that case, I may have to poke around with using the
onboard video for Linux, and reserve the card for Windows.
> I''d actually recommend you do something like
> - use windows as native OS
I''d rather not, but it''s an option. Tried it last night; for
some
reason, the XP installer is bombing. Also, I feel rather "dirty"
installing real Windows....
> - install virtualbox
That''s what I currently am using. VirtualBox is great for most things,
but I''m having trouble with games, and I suspect it''s because
the
virtualized video card is not suitable for all of DirectX.
> - setup guests as needed
> - use firewall on windows side to block all traffic TO windows, but
> allow everything to guests
Not sure what you mean here. Can you elaborate please?

ChrisA

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Friday, September 09, 2011 2:05 PM, "Chris Angelico"
<rosuav@gmail.com> wrote:
> I assume I can switch it to a different VM on the fly? That is, boot
> with the graphics card dedicated to dom0 Linux, then fire up domU
> Windows and hand control over.
I''ve successfully done Debian-to-Debian handover of a Radeon card on my
machine,
but it''s not like a KVM---it''s considerably more involved than
that, involving
poking various low-level Linux bits on the dom0 before hitting the xm pci-attach
button (so to speak), and involving some workarounds regarding PCI interrupts (I
had to use pci=nomsi in the domU, but maybe that''s not needed in the
long run;
I''m still experimenting during my Copious Free Time).  There may be
easier tools
available than what I''m using, but if so I don''t know what
they are.  Also I''m using
passthrough to secondary slot rather than to primary, so the domU BIOS and
initial
console are on the emulated Cirrus VGA.
> http://ubuntuforums.org/archive/index.php/t-953793.html - required
> some manual cleanup and not sure if it really cleaned up (dated 2008)
The latter looks like ey''s just trying to clean away extra directories,
no?
That sounds non-critical.  (I''m guessing ey''s also not heard
of aptitude purge.)
> Not enough weight of evidence to turn me away from Xen, but enough to
> be concerned about.
[...]
> According to `uname -a` it''s currently 2.6.35-30-generic. I could
> upgrade the kernel to version 3 I guess, but I''m not a kernel
expert
> so I''d be navigating unfamiliar waters. It''d be a
separate "can I undo
> this if things go wrong" question all of its own.
I''m curious why you don''t just make a bitwise copy of the
entire hard drive
(or other primary storage) before doing anything.  That would be a bit
time-consuming
and require extra hardware, but it would seem to leave the least room for
intractable
stuck positions later on while being very straightforward to start with.
> Thank you. I believe you, for I am sure you would not practice on my
> inexperience.
I''m not particularly a Xen master either, mind you, but I''ve
installed and uninstalled
it on a server box before and the relative difficulty of flipping either way was
just
picking the right GRUB entry and aptitude install/purge.  This was a few years
ago,
though, and I didn''t set up anything too extensive on it.
> I want to play graphical Windows games. It''s a 64-bit system with
8GB
> of RAM and a fairly new nVidia chipset video card (don''t remember
the
> spec atm), so in theory I should be able to give 2-3GB to a 32-bit
> WinXP and let that run happily, while leaving 5-6GB of real RAM for
> everything else.
Maybe.  I''m not sure how much I''d trust the combination of
passed-through nVidia card
and virtual PCI bridge with Windows gaming drivers; I thought those were often
more
likely to use dirty tricks that might not play well with such an idiosyncratic
PCI
setup?  I have very little contact with Windows these days.
> Hmm. Is there an easy way to check? It''s a high-end Intel
motherboard,
> and a high-end modern CPU, although I don''t have the precise
> identifiers to hand.
I purchased my hardware specifically targeting having VT-d (Intel IOMMU)
support;
you might look at http://wiki.xensource.com/xenwiki/VTdHowTo and see whether it
sparks anything.  On my mainboard (an Asus P8B WS server/workstation-class
board)
I had to specifically update the BIOS to the latest mid-2011 version and then
enable
the VT-d feature.
> I''m not afraid of a bit of complexity, but my areas of expertise
are
> user-level (ring 3) software and networking, not kernels and
> hypervisors. Much appreciate your help!
Simplicity is good.  Features are also good.  But backups are the best.  :-)
> Chris Angelico
   ---> Drake Wilson

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Fri, Sep 9, 2011 at 3:07 PM, Drake Wilson <drake@dasyatidae.net>
wrote:
> I''m curious why you don''t just make a bitwise copy of the
entire hard drive
> (or other primary storage) before doing anything.  That would be a bit
time-consuming
> and require extra hardware, but it would seem to leave the least room for
intractable
> stuck positions later on while being very straightforward to start with.
>
That would be a snapshot-in-time, which is a good thing too; what I
mean by reverting to the normal state is more along the lines of "get
me to the state where I would have been if I''d never installed Xen,
but had done all the other things I''ve done with this box". If I
install two applications, I normally expect to be able to deinstall
one without affecting the other. Not always possible, but that''ll give
you more of an idea of what I''m thinking here.

Chris Angelico

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Fri, Sep 9, 2011 at 11:42 AM, Chris Angelico <rosuav@gmail.com>
wrote:
>> I''d actually recommend you do something like
>> - use windows as native OS
> I''d rather not, but it''s an option. Tried it last night;
for some
> reason, the XP installer is bombing.
XP? With 8G memory? :P

I''d use 64bit W7 instead if going Virtualbox route. Even with extra
memory use you should still be able to use 5GB or so for guests.
> Also, I feel rather "dirty"
> installing real Windows....
I''d simply use the right tools for the right job. You needed Windows
gaming, and AFAIK "real" Windows is the only clean, stable, supported
way to get it.
>
>> - install virtualbox
> That''s what I currently am using. VirtualBox is great for most
things,
> but I''m having trouble with games, and I suspect it''s
because the
> virtualized video card is not suitable for all of DirectX.
Yes, which is why I suggested use native Windows and use virtualbox
for Linux and other guests.
>
>> - setup guests as needed
>> - use firewall on windows side to block all traffic TO windows, but
>> allow everything to guests
>
> Not sure what you mean here. Can you elaborate please?
It''s optional really. Basically if you limit incoming traffic to
Windows you''ll have less vulnerable to remote attacks. Of course it
could work just fine even without it.

Another option to network setup is using bridge with dummy address.
IIRC you could have a bridge with TAP32 (virtual) adapters and real
NICs, and setup virtualbox to bridge on that interface. On
public-facing interface, use static dummy IP address on Windows side,
and use real public IP address on Linux guest. Setup the linux guest
to act as firewall/NAT for windows (and other hosts that needs it).

-- 
Fajar

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Fri, Sep 9, 2011 at 4:00 PM, Fajar A. Nugraha <list@fajar.net>
wrote:
> On Fri, Sep 9, 2011 at 11:42 AM, Chris Angelico <rosuav@gmail.com>
wrote:
>>> I''d actually recommend you do something like
>>> - use windows as native OS
>> I''d rather not, but it''s an option. Tried it last
night; for some
>> reason, the XP installer is bombing.
>
> XP? With 8G memory? :P
Heh. That was one of the things I tried - pulled out one of the sticks
(it''s 2 x 4GB) - but no change. Far as I know, XP shouldn''t
choke on
4GB RAM, although it won''t make optimal use of it all.
> I''d use 64bit W7 instead if going Virtualbox route. Even with
extra
> memory use you should still be able to use 5GB or so for guests.
That''s a fair option, I guess. Will have to hunt down a Win7 installer
from somewhere. And a license... got plenty of XP sitting around.
> It''s optional really. Basically if you limit incoming traffic to
> Windows you''ll have less vulnerable to remote attacks. Of course
it
> could work just fine even without it.
Ah. Yeah, I''ll definitely be putting severe firewall restrictions on
the Windows box. That''s been my policy for as long as I''ve
been in
networking, and so far, all the huge newsworthy scares have just
passed us by (except for that one time I built a honeypot... fun,
though largely useless - p0wned in like 15 seconds, unpatched XP with
no service packs).

ChrisA

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Hello,
> Hi! I''m looking at installing Xen to play around with Windows as
well
> as Linux, but since it''s a somewhat invasive install, figured
it''d be
> safer to ask some questions first.
> 
> I have a Linux box that''s running Ubuntu 10.10 happily as a
desktop
> and router. What I''m trying to do is run Windows on it in
addition,
> and have Windows have direct access to the nVidia card - which is what
> most virtualizers won''t do. But above all, I want to keep the
Linux
> half running. Whatever happens, this is to remain functional as the
> router. If Windows has a problem, I need to be able to restart it
> without bringing Linux down.
> 
> Also, should Xen not work out, I''d like to be able to uninstall it
and
> return to the clean Linux that''s there now. Googling for
information
> on this last point has turned up a number of people who''ve had no
> trouble, but also a number who did, and I''m not sure if the issues
are
> self-inflicted, nor if they''re only in older versions of Xen.
> 
> So, in summary:
> 1) Is it safe and easy to uninstall Xen, leaving Dom0 as the only OS
installed?
Xen desinstallation is not even needed, you can boot the system directly
on the DOM0 without XEN (standard function ot GRUB).

Windows installation should work, the direct access from Windows to the
video card is more difficult (PCI passthrough) and I didn''t try it but
it should be possible.


Regards

JPP



> 2) Can a DomU Windows have full access to the hardware?
> 



_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users