This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] How to disable the public ip in Dom0 and enable on DomU

To: Sergey Vlasov <vsu@xxxxxxxxxxx>
Subject: Re: [Xen-users] How to disable the public ip in Dom0 and enable on DomU
From: Mirco Santori <mirco.santori@xxxxxxxxx>
Date: Mon, 19 Oct 2009 14:10:04 +0200
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 19 Oct 2009 05:11:03 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=eAjXm8oofeeqSAZ3sfzW9qa7b92LGah3jgHOEu/akaw=; b=CmUS4IY9oFsnxyDlIyqWUWJAq40MQoZXevR6fDkd+6vPiALdTT6PqZwdwKgNH1WlwE aCZZ9X62NwQIWGR7bSJZk4674WjhxVIqp3yO1SUsq00zgAt1EnVwrLHe7MBVJulXktl4 /hhreGtqTk8nZgtXEs+4ZD9U1LzzLEwJIwBAg=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=EKuOPQc9nKMDLOEBra0Nrt3vT5dGu5qpDYhCT7/XRupxFokgWD7naZ+SEcZi8E/A6Q QseWSUDW/5brnCO8qzEkCLCeOM1MJBem//c6eHcgEwf73kNJlM1sczon9Sj64kLsqXDO AFFJpYvrloh8Gp73xUMmfet8Bk5L2r1U+Hais=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20091018174619.GA8726@xxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <bf0c4f970910180528v451e0418q4bbff54e2a46788a@xxxxxxxxxxxxxx> <20091018174619.GA8726@xxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Hi Sergey,

thank you for explaination .. now is actually much more clear.
It has resolved my problem and now works fine!!
thank you

2009/10/18 Sergey Vlasov <vsu@xxxxxxxxxxx>
On Sun, Oct 18, 2009 at 02:28:39PM +0200, Mirco Santori wrote:
> What i wish to do is to don't provide any public access to the dom0 (for
> security reason and to keep the other ip address for other things).
> and here the interface's conf :
> auto lo
> iface lo inet loopback
> auto xenbr0
> iface xenbr0 inet static
>         address xxxxxxx
>         netmask 255.255.255.xxx
>         network xxxxxxxx
>         broadcast xxxxxxxx
>         gateway xxxxxxx
>         bridge_ports eth0
>         bridge_stp off
>         bridge_maxwait 0
>         dns-nameservers xxx.xx
>         dns-search xxx.com

Just use "inet manual" instead of "inet static":

auto xenbr0
iface xenbr0 inet manual
       bridge_ports eth0
       bridge_stp off
       bridge_maxwait 0

With "inet manual" the network initialization scripts will just bring
the interface up without assigning an IP address - which is exactly
what you need for this bridge.

> auto xenbr1
> iface xenbr1 inet static
>         address
>         netmask
>         network
>         broadcast
>         gateway xxx.129
>         bridge_ports eth1
>         bridge_stp off
>         bridge_maxwait 0
>         dns-nameservers xxx.5
>         dns-search xxx.com
> Could someone give me some advices or suggest on how to reach my target ?
> I am working with the network-bridge .. should i use NAT or ROUTE xen
> networking ?

Using NAT or ROUTE requires assigning a public IP to dom0 (which then
will be shared with domU when using NAT, or will be used as a gateway
when using ROUTE); only bridge networking can work without IP address
in dom0.

Version: GnuPG v1.4.10 (GNU/Linux)


Xen-users mailing list

Xen-users mailing list
<Prev in Thread] Current Thread [Next in Thread>