WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] How to disable the public ip in Dom0 and enable on DomU

from [Mirco Santori] [Permanent Link][Original]
To: Sergey Vlasov <vsu@xxxxxxxxxxx>
Subject: Re: [Xen-users] How to disable the public ip in Dom0 and enable on DomU
From: Mirco Santori <mirco.santori@xxxxxxxxx>
Date: Mon, 19 Oct 2009 14:10:04 +0200
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 19 Oct 2009 05:11:03 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=eAjXm8oofeeqSAZ3sfzW9qa7b92LGah3jgHOEu/akaw=; b=CmUS4IY9oFsnxyDlIyqWUWJAq40MQoZXevR6fDkd+6vPiALdTT6PqZwdwKgNH1WlwE aCZZ9X62NwQIWGR7bSJZk4674WjhxVIqp3yO1SUsq00zgAt1EnVwrLHe7MBVJulXktl4 /hhreGtqTk8nZgtXEs+4ZD9U1LzzLEwJIwBAg=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=EKuOPQc9nKMDLOEBra0Nrt3vT5dGu5qpDYhCT7/XRupxFokgWD7naZ+SEcZi8E/A6Q QseWSUDW/5brnCO8qzEkCLCeOM1MJBem//c6eHcgEwf73kNJlM1sczon9Sj64kLsqXDO AFFJpYvrloh8Gp73xUMmfet8Bk5L2r1U+Hais=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20091018174619.GA8726@xxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <bf0c4f970910180528v451e0418q4bbff54e2a46788a@xxxxxxxxxxxxxx> <20091018174619.GA8726@xxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Hi Sergey,

thank you for explaination .. now is actually much more clear.
It has resolved my problem and now works fine!!
thank you



2009/10/18 Sergey Vlasov <vsu@xxxxxxxxxxx>
On Sun, Oct 18, 2009 at 02:28:39PM +0200, Mirco Santori wrote:
[...]
> What i wish to do is to don't provide any public access to the dom0 (for
> security reason and to keep the other ip address for other things).
[...]
> and here the interface's conf :
>
> auto lo
> iface lo inet loopback
>
> auto xenbr0
> iface xenbr0 inet static
>         address xxxxxxx
>         netmask 255.255.255.xxx
>         network xxxxxxxx
>         broadcast xxxxxxxx
>         gateway xxxxxxx
>         bridge_ports eth0
>         bridge_stp off
>         bridge_maxwait 0
>         dns-nameservers xxx.xx
>         dns-search xxx.com

Just use "inet manual" instead of "inet static":

auto xenbr0
iface xenbr0 inet manual
       bridge_ports eth0
       bridge_stp off
       bridge_maxwait 0

With "inet manual" the network initialization scripts will just bring
the interface up without assigning an IP address - which is exactly
what you need for this bridge.

> auto xenbr1
> iface xenbr1 inet static
>         address 192.168.1.10
>         netmask 255.255.255.0
>         network 192.168.200.0
>         broadcast 192.168.200.255
>         gateway xxx.129
>         bridge_ports eth1
>         bridge_stp off
>         bridge_maxwait 0
>         dns-nameservers xxx.5
>         dns-search xxx.com
>
> Could someone give me some advices or suggest on how to reach my target ?
> I am working with the network-bridge .. should i use NAT or ROUTE xen
> networking ?

Using NAT or ROUTE requires assigning a public IP to dom0 (which then
will be shared with domU when using NAT, or will be used as a gateway
when using ROUTE); only bridge networking can work without IP address
in dom0.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkrbVGsACgkQW82GfkQfsqILsgCgj4GeKJqBZv/3NFf/bqRDdM6k
fWIAn2l8ht74AOJ7RpPcd+br1WzBofsg
=x51o
-----END PGP SIGNATURE-----

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Couldn't open directory /lib/modules/2.6.26-2-xen-686: No such file or directory, Vlado Peshov
Next by Date:  Re: [Xen-users] Couldn't open directory /lib/modules/2.6.26-2-xen-686: No such file or directory, Siju George
Previous by Thread:  Re: [Xen-users] How to disable the public ip in Dom0 and enable on DomU, Sergey Vlasov
Next by Thread:  [Xen-users] Configuring a NIC for DOM0 and DOMU, John Preston
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy