WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Binding a nic to an interface in domU

To: Richard Heycock <rgh@xxxxxxxxxxxxxxx>
Subject: Re: [Xen-users] Binding a nic to an interface in domU
From: Steven Howe <howe.steven@xxxxxxxxx>
Date: Mon, 05 Dec 2005 07:56:57 -0800
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 05 Dec 2005 17:59:52 +0000
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:subject:from:to:cc:in-reply-to:references:content-type:date:message-id:mime-version:x-mailer; b=lT1/9xXnsLgD4GeQlLeR597Hb10TejMRSvaqX8FbxbqEiKTSaL3m5ei7IgqvK9hkwYUz2MG7oNKygdOMy1UNJgyhi0L86NFNQDuecf+Oy8vTRqYtODY4KLGpVX2TCK3gsUl8yk7q5aIAEsMTnQ5xjkom3BUb3dZQ1qC0011WIRM=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <1133783782.13701.7.camel@xxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <1133783782.13701.7.camel@xxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Seems like overkill. IPTABLES has filter properties on a per route and per device basis. Why not
just learn how to use IPTABLES first, then you wouldn't need three doms.

Steven

On Mon, 2005-12-05 at 22:56 +1100, Richard Heycock wrote:
Hi,

I would like to set up a machine which has two domU vms so they can both
be used as firewall machines -- we are getting two different internet
connections and I want to firewall both of them using one machine.

What I would like to do is bind one interface in each of the domUs to
the nic and the second to a bridged device and then use iptables to
firewall each vm.

a) does anyone know if this is possible and b) does it sound like the
correct way to do this?!

rgh

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>