Re: [Xen-devel] Communication between Domain0 and Domain1

> An alternative (and the way I prefer because of the bridge issues) is 
> to skip the bridging and just use your dom0 host as a firewall.  Assign 
> the dom0 vif an IP like, then assign the VM eth0 an IP like 
> and point to as the default route for the VM.  
> Create an ethernet alias on the dom0 host for whatever external IP you 
> wish to assign to the VM, and use iptables to NAT traffic to/from that 
> interface.  Everyone else on the network will see the VM as the 
> external IP you've assigned, but the dom0 host itself will use the 
> address to access the VM.  This is the way I've set up my 
> Xen dev box and it's working great for me.

I haven't had any problems with bridging, but I agree that the L3
routing solution may be better under some circumstances. 

It's a slight pain that the vifx.y interface in dom0 needs to be
given it's own an IP address, as it won't accept being operated
in 'pointopoint' mode. I suspect there's some ioctl we could add
to the backend driver that would enable this. Anyone know about

It would be good to have a 'vif-router' script to use as an
alternative to 'vif-bridge' for users wanting to operate a routed
configuration. If you've got something suitable we could check in
to the repo that would be great. I guess a modified 'network'
script would be required too.


