|
|
|
|
|
|
|
|
|
|
xen-users
Re: [Xen-users] Question regarding xen, physicals NIC's and VLANs
Hi Daniel,
Daniel McNamara wrote:
> Hi guys,
>
> I have been given an interesting project by my work place that requires
> us to do some virualistation with a few funky caveats and I'm trying to
> find out if xen can fit into the requirments.
>
> Essentially we'll have one machine with 5 physicals NIC's. The first
> will be used as the managment link for the host OS.
The standard xen scripts for bridging or routing should handle this fine.
> The other 4 we want to bind to seperate copies of guest OS running on
> the machine. Here's where it gets interesting. Each of the guest OS's
> will have the same IP, however each one will plug into a switch port
> allocated to different VLANs.
>
> What I'm trying to find out is if this is possible with xen. Basically I
> want to lock off each of the 4 physical nics to each guest OS and ensure
> that they only talk to their appropiate vlan
>
> What I'm not sure of is how the host OS handles the network connections
> with xen and wether it will be able to handle this setup.
Using Xen stable (2.0.7) you can hide the remaining 4 nics from dom0 and
allocate each nic to a separate domU. dom0 will be ignorant of both the
nic and it's network settings. I don't believe the Xen unstable (3.0) has
this ability yet, so staying with stable would be your best bet.
A diagram of the setup you suggest might look like this:
eth1 eth2 eth3 eth4
______|_________|_________|_________|______
| ____|____ ____|____ ____|____ ____|____ |
| | domU1 | | domU2 | | domU3 | | domU4 | |
| |_______| |_______| |_______| |_______| |
| | | | | |
| \_________\ /_________/ |
| xen-br0 |
| _________________|_________________ |
| | | |
| | dom0 |===|= eth0
| |_________________________________| |
|_________________________________________|
Host Machine
To hide nics 1-4 from dom0 you need to find out their respective PCI
ID's
eg.
# lspci | grep Ethernet
0000:00:0a.0 Ethernet controller: ...
0000:00:0b.0 Ethernet controller: ...
0000:00:0c.0 Ethernet controller: ...
0000:00:0d.0 Ethernet controller: ...
0000:00:0e.0 Ethernet controller: ...
and then include that ID in your grub config:
# grep hide /boot/grub/menu.lst
kernel /xen-2.0.7.gz root=/dev/ram0 ro dom0_mem=81920
physdev_dom0_hide=(00:0b.0)(00:0c.0)(00:0d.0)(00:0e.0)
To use a specific nic for a domU, it's Xen config file needs a line like:
# grep pci /etc/xen/Firewall
pci = ['00,0b,0']
You also need to ensure that the kernel for the domU is privelliged,
and has the drivers for the nic. Using a dom0 kernel would suffice.
To manage the domU's from dom0 you will also want the domUs to each have
access to a virtual interface, either bridged or routed to eth0.
So a domU's config should then also include something like (for bridged)
nics=1
vif = [ 'mac=aa:00:00:25:40:01, bridge=xen-br0' ]
Alternatively, you could just use a Xen console, however it's not nearly
as functional as a ssh session IMHO. (OK, it doesn't look pretty:))
More information can be found in the Xen users manual.
> I have not played a lot with xen but so far it's fitting a majority of
> our requirements.
>
> I will be using fedora core 4 for both the host and guest OS's at this
> point.
I believe there are numerous posts on this list about setting up Xen on FC4.
> Any help with this question would be appreciated.
>
> Cheers
>
> Daniel McNamara
> Code Fish Sys Admin
>
Hope that helps.
Regards,
Marcus.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
|
|