Hi,
the vif scripts (vif-route, vif-bridge, etc.) that come with xen just
don't work for me. I don't feel like I need a bridged setup. My ISP
insists on routing the IPs of the domUs to my dom0. So now I'm using
script=vif-route. But it has some caveats ...
The vif-route script turns on proxy_arp, even though the domUs use the
dom0 as a default gateway, for everything except their own IP. Using
proxy_arp would have a good point, say, if you want to create the
illusion that all domUs are on an IP subnet with other machines. But
that's not the case for my setup.
Then, the vif-route adds some iptables rules. For example, to the
iptables FORWARD chain. Now certainly, these changes are not persistent,
and they may be overwritten by some firewall script.
Furthermore, I'd like to disable IP forwarding for some (but not all!)
of the vif interfaces, as they are supposed to serve only dom0<->domU
communication via private IPs and domUs must not be able to communicate
with each other using their private IPs.
It seems to me that one either loves the vif scripts or hates them. They
do a lot of stuff that one would have to take care of manually
otherwise. On the other hand, there is very little control over what the
scripts do.
As it seems, I need to:
a) have a custom vif script
b) pass custom parameters to that vif script, e.g., for controlling
whether IP forwarding is enabled for the interfaces or not.
I'm especially struggling with item (b). I found old posts talking about
lists of parameters, which seem to have been hardcoded in xend's
sources. Actually, I've already switched to xl. It is currently no
problem to use a custom vif script using the script parameter. However,
I'm struggling with passing custom vif parameters to my custom script.
So is there some way of having custom vif parameters that can be used by
a custom vif script? I tried to use xenstore_read in my vif script but
my custom parameters don't seem to be in the xenstore (whatever that is,
how can I look at what is inside the xenstore?).
Regards,
Sven