WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Re: Network isolation - PCI passthrough question

from [Simon Hobson] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Re: Network isolation - PCI passthrough question
From: Simon Hobson <linux@xxxxxxxxxxxxxxxx>
Date: Mon, 20 Dec 2010 20:02:24 +0000
Delivery-date: Mon, 20 Dec 2010 12:04:35 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4D0F8314.4020908@xxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4D0F6353.9020305@xxxxxxxxxxx> <ienqak$hic$1@xxxxxxxxxxxxxxx> <4D0F6E75.9060704@xxxxxxxxxxx> <ienv5g$bdh$1@xxxxxxxxxxxxxxx> <4D0F8314.4020908@xxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
Jean Baptiste FAVRE wrote:


I don't care about dom0 network as it's just near me (test machine) :)
But I do care about domU network and I'm not sure I understand your "vif
bridged on lo-device".
I'd suggest you try manually creating a bridge with no network interfaces attached to it*. You can add an IP address directly to the bridge interface, and then the Dom0 and any DomUs you attach to it can communicate between themselves. But with no external interface attached to the bridge, nothing will have access to an outside network other than through the firewall DomU.
Apart from the lack of external NIC, this is how I run my home network. I do PCI passthrough to hide a NIC (connected to an ADSL modem) from Dom0, and all outside traffic passes though the virtual firewall in order to reach the outside world. 

* IRC something like this ought to do it :

brctl addbr br0
ip addr add w.x.y.z/n dev br0
and then specify br0 when configuring VIFs in your guests.

--
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Re: Network isolation - PCI passthrough question, dave
Next by Date:  [Xen-devel] Re: [Xen-users] Hypervisor hangs on startup, 2.6.32-5-xen dom0 kernel panic, Pasi Kärkkäinen
Previous by Thread:  [Xen-users] Re: Network isolation - PCI passthrough question, dmw
Next by Thread:  Re: [Xen-users] Re: Network isolation - PCI passthrough question, Jean Baptiste FAVRE
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy