WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] XCP and Amazon EC2-style networking

To: Vern Burke <vburke@xxxxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] XCP and Amazon EC2-style networking
From: C V <rayvittal-lists@xxxxxxxxx>
Date: Sun, 14 Mar 2010 12:56:40 -0700 (PDT)
Cc:
Delivery-date: Sun, 14 Mar 2010 12:58:37 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1268596600; bh=ZRBqmbY2i1sRNvfbSYp5eTsJNRZvBI6P4PH21Mhh1/8=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:References:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=mv+tpI2eR6HOVRLnJ3yt9KGKcnZPwdsnO1yn/Kut/SF3xprA1/L+o5rpagdp93hZ/aCD451eilgzB6ZxdxmayVFX7KeXv1TM5Z9f6RF6DkrNDnPv7DevVQoKHgSs+Q9DPJzGAi4H+1jZm3nk6679+7mgtugK64h5oSjGhAVMf0g=
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:References:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=TVBVHY7zN2Wz9my1n6DLktMin+kzkKiKkQ53FdDuqTCwCmbW+NNF55vUr1sgqBVloQY6Z5wcSH1hsf/DhOxhjj6fbVw2TYDy99mQEUeZjJdMgZ6BSEwNPJ0Ch80ldREaYuYP/hG4zX0Igbarw1k3i259O7luwT0T8Xdq25Ic820=;
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4B9D3B8A.30401@xxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4b37069f1003131144m5745cf28pf86ee9ce5fcf6cde@xxxxxxxxxxxxxx> <180302.12455.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <4B9D3B8A.30401@xxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
That works in a single-user usecase. If an ISP wants to replicate the EC2 model and support multiple tenants, then each tenant gets their own public IP and can program their own firewall rules through the API. Most hardware firewalls don't have APIs  to program firewall rules.



From: Vern Burke <vburke@xxxxxxxx>
To: xen-users@xxxxxxxxxxxxxxxxxxx
Sent: Sun, March 14, 2010 12:39:54 PM
Subject: Re: [Xen-users] XCP and Amazon EC2-style networking

Unless I'm reading something wrong here, I can't figure out why you'd
want a private IP NATted to a dedicated public IP for the DomU. If
you're going to use the DomUs as NATted workstations, just put the whole
thing behind a NAT router and you're done.

Vern Burke

SwiftWater Telecom
http://www.swiftwatertel.com
ISP/CLEC Engineering Services
Data Center Services
Remote Backup Services

On 3/14/2010 3:30 PM, C V wrote:
> On EC2, each instance (Xen DomU) gets an internal IP address (usually
> 10.x.y.z) and also a public IP address which is NAT'ed to the internal
> IP address. I am assuming that this NAT happens in Dom0.
>
> In XCP, the DomU VIFs are directly bridged to the physical network --
> this would be the internal IP equivalent. I don't see any equivalent way
> to NAT the public IP address to the internal IP address. With xend-style
> networking it may have been possible to use network-nat or perhaps
> network-route
>
> vi /etc/xen/xend-config.sxp
> (network-script network-route)
> #(network-script network-bridge)
> #(network-script network-nat)
>
> Is it possible in XCP?
>
> Thanks
> --
> CV
>
>
>
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users