Xen users - Mar 2012 - using both bridged and routed networking

Hello,

I''m using Debian Squeeze with Xen 4.0 HVM. Both running 64bits.

I''ve got 4 domU''s requiring the bridged setup to work,
I''ve got an IP
address for each.

Now I need to setup routed networking for the rest of domU''s. I just
changed the configuration in xend-config.sxp and restarted Xen.

Routing started to work, while there are still domU''s running "in
a
bridge". It looks like. I''m just not sure what''s going to
happen when I
restart those domU - I suppose they will try to use the configuration from
a routed setup (specified in xend-config.sxp).

Now my question is, how can I make a number of domU''s use the bridged
networking, and the other number to use the routed setup?

Thank you for any help.
Lukas

On Wed, Mar 28, 2012 at 1:24 PM, Lukas Vu - Hostym.com <lukas@hostym.com>
wrote:
> Now my question is, how can I make a number of domU''s use the
bridged
> networking, and the other number to use the routed setup?
The easiest way?

DON''T let xen setup bridges/route for you (i.e. using xend-config.sxp)
DO setup your own bridges (e.g. setup on /etc/network/interfaces)
DO use bridge + route/NAT instead of trying to mimick xen-style routed setup.

-- 
Fajar

Fajar A. Nugraha wrote:
>DON''T let xen setup bridges/route for you (i.e. using
xend-config.sxp)
>DO setup your own bridges (e.g. setup on /etc/network/interfaces)
>DO use bridge + route/NAT instead of trying to mimick xen-style routed
setup.
To add to that, this is what I''d do (I use Debian) :

Setup TWO bridges, using the host OS tools - in the case of Debian it 
is trivially easy to create bridges in /etc/network/interfaces. One 
of these bridges might not have an external NIC connected to it - it 
depends on what else is connected in your network.
I''ll call these brext and brint for convenience.

For those devices which get an outside IP, connect their VIFs to 
brext when creating them (bridge = brext in the VIF statement or 
something similar).

For those devices which are routed/NATed, connect their VIFs to brint.

Now, you can either do the routing/NAT in Dom0, or what I''ve done at 
home is to run a small DomU just as a 2 port router. It has two VIFs* 
connected to brint and brext - you can run whatever OS or firewall 
appliance you like/have the skills to setup and manage for this (I 
just use Shorewall and Debian, others prefer something
''packaged'').
* Actually, one interface was for a while a native NIC made available 
by PCI passthrough - but the principal is the same.

-- 
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.