I am attempting to
setup a firewall in a DomU. The firewall program I eventually want to run
Both my Dom0 and
DomU are Debian Lenny 64 bit systems. The Dom0 has four physical network
interfaces installed. Currently, one of the NICs is hidden using the
pciback.hide command in the /boot/grub/menu.lst file. Similarly, the
hidden NIC is passed to the DomU using the pci = ['device:address.0'] line in
the DomU configuration file.
When I modify the
DomU configuration file only to include the pci directive without an additional
vif line, the networking works as expected in the DomU. All of the
networking settings are done in the /etc/network/interfaces file within the
I want to run a
three interface firewall using Shorewall. The physical NIC (eth0) will be
used on the external side. I want to add two virtual interfaces to the
DomU for use as a DMZ interface (eth2) and private LAN interface
returned to the DomU configuration file and added a vif line containing only the
MAC address and Dom0 bridge. No IP address is listed within the vif line
in the DomU configuration file.
When starting the
DomU, networking no longer works as expected. Examining the results of
ifconfig, I see that the DomU has assigned the NICs differently than I would
expect. Examining the MAC addresses, the passthrough NIC is now assigned
as eth1 rather than eth0.
In a typical
installation, I would edit /etc/udev/rules.d/70-persistent-net.rules to manually
assign the netdev names based on MAC address. However, this file doesn't
exit in my newly created Debian Lenny DomU.
Can I simply create
the file? Does this file not exist due to some underlying Xen issue?
How should I rectify this problem?
: #1 SMP Fri Mar 13 21:39:38 UTC
: gcc version 4.3.1 (Debian
cc_compile_date : Sat
Jun 28 09:32:18 UTC 2008
Xen-users mailing list