This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] Re: Network isolation - PCI passthrough question

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Re: Network isolation - PCI passthrough question
From: Jean Baptiste FAVRE <xen-users@xxxxxxxxxxx>
Date: Mon, 20 Dec 2010 22:46:54 +0100
Delivery-date: Mon, 20 Dec 2010 13:47:16 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <p06240840c93565a24140@xxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4D0F6353.9020305@xxxxxxxxxxx> <ienqak$hic$1@xxxxxxxxxxxxxxx> <4D0F6E75.9060704@xxxxxxxxxxx> <ienv5g$bdh$1@xxxxxxxxxxxxxxx> <4D0F8314.4020908@xxxxxxxxxxx> <p06240840c93565a24140@xxxxxxxxxxxxxxxxxxxxxx>
Reply-to: xen-users@xxxxxxxxxxxxxxxxxxx
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20101213 Lightning/1.0b2 Icedove/3.1.7
Le 20/12/2010 21:02, Simon Hobson a écrit :
> Jean Baptiste FAVRE wrote:
>> I don't care about dom0 network as it's just near me (test machine) :)
>> But I do care about domU network and I'm not sure I understand your "vif
>> bridged on lo-device".
> I'd suggest you try manually creating a bridge with no network
> interfaces attached to it*. You can add an IP address directly to the
> bridge interface, and then the Dom0 and any DomUs you attach to it can
> communicate between themselves. But with no external interface attached
> to the bridge, nothing will have access to an outside network other than
> through the firewall DomU.
> Apart from the lack of external NIC, this is how I run my home network.
> I do PCI passthrough to hide a NIC (connected to an ADSL modem) from
> Dom0, and all outside traffic passes though the virtual firewall in
> order to reach the outside world.
> * IRC something like this ought to do it :
> brctl addbr br0
> ip addr add w.x.y.z/n dev br0
> and then specify br0 when configuring VIFs in your guests.

Thanks for explanations, I'll try it.

Xen-users mailing list