|
|
|
|
|
|
|
|
|
|
xen-users
Re: [Xen-users] How to disable the public ip in Dom0 and enable on DomU
On Sun, Oct 18, 2009 at 02:28:39PM +0200, Mirco Santori wrote:
[...]
> What i wish to do is to don't provide any public access to the dom0 (for
> security reason and to keep the other ip address for other things).
[...]
> and here the interface's conf :
>
> auto lo
> iface lo inet loopback
>
> auto xenbr0
> iface xenbr0 inet static
> address xxxxxxx
> netmask 255.255.255.xxx
> network xxxxxxxx
> broadcast xxxxxxxx
> gateway xxxxxxx
> bridge_ports eth0
> bridge_stp off
> bridge_maxwait 0
> dns-nameservers xxx.xx
> dns-search xxx.com
Just use "inet manual" instead of "inet static":
auto xenbr0
iface xenbr0 inet manual
bridge_ports eth0
bridge_stp off
bridge_maxwait 0
With "inet manual" the network initialization scripts will just bring
the interface up without assigning an IP address - which is exactly
what you need for this bridge.
> auto xenbr1
> iface xenbr1 inet static
> address 192.168.1.10
> netmask 255.255.255.0
> network 192.168.200.0
> broadcast 192.168.200.255
> gateway xxx.129
> bridge_ports eth1
> bridge_stp off
> bridge_maxwait 0
> dns-nameservers xxx.5
> dns-search xxx.com
>
> Could someone give me some advices or suggest on how to reach my target ?
> I am working with the network-bridge .. should i use NAT or ROUTE xen
> networking ?
Using NAT or ROUTE requires assigning a public IP to dom0 (which then
will be shared with domU when using NAT, or will be used as a gateway
when using ROUTE); only bridge networking can work without IP address
in dom0.
signature.asc
Description: Digital signature
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
|
|