This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-users] Remote management of DomU

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] Remote management of DomU
From: Alan Murrell <lists@xxxxxxxxxx>
Date: Thu, 15 Dec 2005 23:33:44 -0800
Delivery-date: Fri, 16 Dec 2005 07:35:49 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <E1En9iI-0006yY-N9@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <E1En9iI-0006yY-N9@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: KMail/1.8.2
I currently have a Xen host server setup with three nics:

  eth0 -> hidden from Dom0 and assigned to my firewall domU
  eth1 -> assigned the the bridge br-lan0, which is then exported to the 
firewall domU for my LAN (handles both domUs and real machines on the LAN 
  eth2 -> assigned to the bridge br-dmz0, which is then exported to the 
firewall domU for my DMZ (handles both domUs and real machines on the DMZ 

My problem is this: I would like to be able to log into my Dom0 remotely, but 
do not want to put a 4th NIC in place to accomplish this; I'd rather do 
something like log into my firewall domU then from there SSH into Dom0, OR 
SSH to a different port and have the firewall domU port forward to the Dom0

I was thinking I may be able to accomplish this by using a dummy interface on 
both the Dom0 and the domU firewall that are tied together, but wasn't sure 
about how to configure this?  Would I give the dummy interface on the Dom0 an 
IP address then create a dummy interface on the firewall domU on the same 
subnet and put appropriate routing rulesin place? (I use Shorewall)  Or is 
there a better way to accomplish this?

Thanks, in advance, for your advice.


Xen-users mailing list

<Prev in Thread] Current Thread [Next in Thread>