Sorry for this double post. It was sent from the wrong e-mail address, which I
realised just too late. You can ignore it and comment on the original post if
you like instead.
On Saturday 5 May 2007 16:18, Geert Janssens wrote:
> Hi Marc,
> I have seen two network diagrams of you passing in the thread already and
> they both helped me understand the Xen networking a lot better.
> The first diagram explained how to setup a Xen system with 1 physical NIC,
> where one domU acts as a firewall for the other domU's. In this scenario,
> dom0 is connected to the bridge that links to the unsafe net (the "outside"
> network for the domU firewall).
> The second diagram explained who to setup a Xen system with 2 physical
> NICs, dom0 acts as a firewall between the two NICs. It is setup with two
> bridges, one that connects the internet side of the virtual network (first
> physical NIC and first virtual NIC) and one that connects the LAN side of
> the virtual network (seconf physical NIC for the rest of the LAN, second
> virtual NIC for dom0 and virtual NICs for the different domU's).
> Unfortunatly, what I am trying to achieve is yet another slight variation.
> See the attached image.
> I would like to setup a system with two physical NICs (peth0 and peth1),
> where the firewall runs in domU.
> For that I would like to setup two xen bridges.
> The first is on the LAN side, and is a typical Xen bridge: one physical
> NIC, a virtual NIC for dom0 and one for domU.
> The second would be on the internet side, but it should NOT have a virtual
> NIC for dom0, only for domU. The idea is that dom0 should not be accessible
> from the internet, only from the LAN.
> Is such a setup possible ? And if yes, how ?
> Thank you.
> Geert Janssens
> P.S. in an earlier attempt I tried to eliminate the second bridge
> altogether by assigning peth1 directly to the domU with PCI back.
> Unfortunatly, I can't seem to get PCI back working correctly on my system,
> so I'd like to try this alternative approach.
Xen-users mailing list