WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] Q: firewalling in Dom0 (bonding also)

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] Q: firewalling in Dom0 (bonding also)
From: "Ulrich Windl" <ulrich.windl@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 08 Nov 2006 08:03:36 +0100
Delivery-date: Tue, 07 Nov 2006 23:04:32 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Organization: Universitaet Regensburg, Klinikum
Priority: normal
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Hi,

the docs suggest to use firewalling in Dom0. I have a question:
Dom0 sees al the interfaces, not just those considered its "own" ones. So 
should I 
set up firewalling to use/protect only Dom0's own interfaces, leaving 
individual 
firewalls to DomUs, or should I set up firewalling on the physical interfaces 
(peth*)?
To make things a bit worse I' using bonding, where I currently see a bond0, but 
no 
pbond0 ;-) I haven't investigated yet whether the default scripts do what they 
are 
supposed to do.

I'm using the description in 
http://www.novell.com/coolsolutions/feature/17605.html ("SUSE Linux Enterprise 
Server 10 VM Network Configuration Examples"), but it leaves several issues 
unhandled.

Regards,
Ulrich


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-users] Q: firewalling in Dom0 (bonding also), Ulrich Windl <=