Le 20/12/2010 15:47, Mike Fröhner a écrit :
> Am 20.12.2010 15:08, schrieb Jean Baptiste FAVRE:
>> I thinking about using PCI passthrough to dedicated a domU as firewall.
>> I understand PCI passthrough concept. When done, my domU will see
>> network card and the dom0 won't any more. So I'll be able to filter all
>> trafic from outside, since it will go through network domU.
>> Then, how will I be able to connect other domU (and maybe dom0) to the
>> network domU ?
>> In a normal way, creating domU makes dom0 creating vif interfaces and
>> bridge (in my configuration) it. But once netowkr will be isolated in a
>> specific domU, dom0 won't be able to interact with it, will it ?
> How many network cards do you have in this computer? I think you'll need
> minimal 2 nics. One for dom0 and domU (vif) to communicate and one for
> PCI passthrough. As you understood right, dom0 won't see the PCI
> passthrought nic.
>> Any link/help/explanation appreciated.
For now, I have 2 nics within a bond interface.
What I would like to achieve is to have a dedicated domU acting as
firewall for all other domU like in Qubes-os project
That means, I want to passthrough both nics to one domU called "netDomU"
and connect all "regular" domU networks to "netDomU".
But since dom0 won't see any network card, how can I create vif interfaces ?
But maybe PCI passthrough won't be the solution for that purpose ?
Xen-users mailing list