[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Communication between Domain0 and Domain1

> An alternative (and the way I prefer because of the bridge issues) is 
> to skip the bridging and just use your dom0 host as a firewall.  Assign 
> the dom0 vif an IP like, then assign the VM eth0 an IP like 
> and point to as the default route for the VM.  
> Create an ethernet alias on the dom0 host for whatever external IP you 
> wish to assign to the VM, and use iptables to NAT traffic to/from that 
> interface.  Everyone else on the network will see the VM as the 
> external IP you've assigned, but the dom0 host itself will use the 
> address to access the VM.  This is the way I've set up my 
> Xen dev box and it's working great for me.

I haven't had any problems with bridging, but I agree that the L3
routing solution may be better under some circumstances. 

It's a slight pain that the vifx.y interface in dom0 needs to be
given it's own an IP address, as it won't accept being operated
in 'pointopoint' mode. I suspect there's some ioctl we could add
to the backend driver that would enable this. Anyone know about

It would be good to have a 'vif-router' script to use as an
alternative to 'vif-bridge' for users wanting to operate a routed
configuration. If you've got something suitable we could check in
to the repo that would be great. I guess a modified 'network'
script would be required too.


This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.