Hi,

I would like to configure a Xen private network where the guests use private addresses. So far I have set up the Dom0 instances and the VMs can access the other guests inside the same server.

Now my question is how can the guests reach the other guests that are located in other physical servers.

Here is a diagram of how the network looks: https://dl.dropboxusercontent.com/u/7837074/Hetzner-Network.png

The servers are in the same subnet given by the provider (I rented the servers with Hetzner, who doesn't allow bridging virtual interfaces).

Any advice/link about how I could configure this? Is there any solution that doesn't involve creating iptables rules for each VM?

Thank you in advance
Regards

--
def dagi3d(me)
  case me
    when :web then "http://dagi3d.net"
    when :twitter then "http://twitter.com/dagi3d"
  end
end
_______________________________________________
Xen-users mailing list
Xen-users@lists.xen.org
http://lists.xen.org/xen-users
Ian Campbell
2013-Nov-26 10:28 UTC
Re: Xen private network across multiple physical servers
On Tue, 2013-11-26 at 09:05 +0100, Borja Martín wrote:
> Hi,
> I would like to configure a Xen private network where the guests use
> private addresses. So far I have setup the Dom0 instances and the vm's
> can access to the other guests inside the same server.
> Now my question is how can the guests reach the other guests that are
> located in other physical servers.
> Here is a diagram of how the network
> looks: https://dl.dropboxusercontent.com/u/7837074/Hetzner-Network.png
> The servers are in the same subnet given by the provider(I rented the
> servers with Hetzner, who doesn't allow bridging virtual interfaces)
> Any advice/link about how could I configure this? Is there any
> solution that doesn't involve creating iptables rules for each vm?

You'll probably need to create some sort of tunnel between the two hosts, e.g. openvpn (with a tun on the bridge at each end) or GRE (via openvswitch) or something along those lines.

I don't have any specific links on how to do either though.

Ian.
Alexandre Kouznetsov
2013-Nov-26 16:07 UTC
Re: Xen private network across multiple physical servers
Hello.

On 26/11/13 02:05, Borja Martín wrote:
> Hi,
> I would like to configure a Xen private network where the guests use
> private addresses. So far I have setup the Dom0 instances and the vm's
> can access to the other guests inside the same server.
> Now my question is how can the guests reach the other guests that are
> located in other physical servers.

As Ian said, you definitely will need to set up some sort of tunnel between your physical hosts.

Consider having a TAP device on each physical host. It should be handled by some VPN software at the backend, and incorporated into the same Ethernet bridge as your DomU's private interfaces.

As a slightly more complex, but cleaner option, consider deploying a small DomU dedicated to this task on each physical server. Set up the VPN within the DomU, not a Dom0. This will make your configuration much more flexible and portable.

OpenVPN should work well. I have also been working with Tinc VPN for a similar purpose; it's much simpler to set up, especially on small networks.

As a reference, XenServer calls this "Cross-Server Private Network"; you may check how it is organized there.

Greetings.

--
Alexandre Kouznetsov
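
The TAP-on-bridge layout described in the reply above, as an added example that is not part of the thread: a shell function that writes a tinc 1.0 switch-mode (layer 2) node configuration whose `tinc-up` script attaches the TAP device to the bridge carrying the DomU private interfaces. The net name, node names, bridge name and peer address are assumptions passed in by the caller.

```shell
#!/bin/sh
# Added example, not from the thread: render a tinc 1.0 node config that
# joins an encrypted layer-2 tunnel to an existing private Xen bridge.
# Usage: render_tinc_node DIR NETNAME NODE PEER PEER_ADDR BRIDGE
#   DIR       base directory (normally /etc/tinc)
#   NETNAME   tinc network name (hypothetical, e.g. xenpriv)
#   NODE/PEER tinc node names: letters, digits and underscores only
#   PEER_ADDR public address of the other physical host
#   BRIDGE    bridge that already holds the DomU private vifs
render_tinc_node() {
    dir=$1 net=$2 node=$3 peer=$4 peer_addr=$5 bridge=$6
    conf="$dir/$net"
    mkdir -p "$conf/hosts" || return 1

    # Switch mode forwards Ethernet frames, so the TAP device can be a
    # plain port of the bridge and no per-VM iptables rules are needed.
    cat > "$conf/tinc.conf" <<EOF
Name = $node
Mode = switch
Interface = tap-$net
ConnectTo = $peer
EOF

    # Host file for the peer: only its address is written here. The
    # peer's public key must be appended from the host file the peer
    # produced with "tincd -n NETNAME -K"; tinc will not connect to a
    # node whose key it does not hold.
    cat > "$conf/hosts/$peer" <<EOF
Address = $peer_addr
EOF

    # tinc runs tinc-up once the TAP device exists and exports its name
    # as INTERFACE. No IP address is assigned on the tunnel endpoint:
    # it only carries guest traffic between the two bridges.
    cat > "$conf/tinc-up" <<EOF
#!/bin/sh
ip link set "\$INTERFACE" up
ip link set "\$INTERFACE" master $bridge
EOF
    chmod 755 "$conf/tinc-up"
}
```

Run it once per host with NODE and PEER swapped, then generate each node's key pair with `tincd -n NETNAME -K` and exchange the resulting host files before starting the daemon.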