WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] confused: How to put packetfilter into domU and isolate

To: "Carsten Aulbert" <carsten@xxxxxxxxxxxxxxxx>
Subject: Re: [Xen-users] confused: How to put packetfilter into domU and isolate dom0 completely?
From: "Angel Lopez" <angel@xxxxxxxxxx>
Date: Tue, 27 Mar 2007 14:29:45 +0200 (CEST)
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 27 Mar 2007 13:01:10 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
Importance: Normal
In-reply-to: <4608F27A.8020900@xxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4608F27A.8020900@xxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: SquirrelMail/1.4.6
Hi,

> the fancy network-bridge script. My current problem is, eth0 is still
> visible from dom0 and I cannot get rid off it. Maybe I'm stopped by not
> understanding the peth0 and veth0 business here.
> Anyone can tell me roughly how to achieve a solution here?

You have a good explanation about virtual and physical network interfaces
in the wiki: http://wiki.xensource.com/xenwiki/XenNetworking

If I'm not wrong, in a network-bridge setup, peth0 interface is the
physical NIC (the original eth0) and eth0 is a virtual NIC.

The vethX interfaces are Dom0 virtual interfaces directly linked to the
vif0 .X interfaces.

The vifX.Y and pethX interfaces are assigned to bridges.

> give me the correct words to use in search engines? I've seen
> pciback.hide for the dom0 kernel, but how can I make certain that the
> filtering domU will get that card?

I have done this. First, you have to know the PCI ID of the NIC, you can
get this with the lspci command. Second, you have to tell the PCI ID to
the kernel, you can indicate this with the pciback.hide parameter. Third,
you assign the PCI ID to the VM with the pci parameter in the VM config
file.

The hidden NIC doesn't appears in Dom0, you won't see it with ifconfig,
and it will be available in the DomU that the NIC was assigned to.

I only have a problem with this, if I hide eth3 to Dom0 and assign it to a
DomU, I see the interface in the DomU as eth3 not as eth0... how can I
rename it? with the "ip link set name" command?

Bye.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>