WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Xen
Home Products Support Community News

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
<prev [Thread] next>

Re: [Xen-users] Re: Network isolation - PCI passthrough question

from [dave] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Re: Network isolation - PCI passthrough question
From: dave <dave@xxxxxxxxxxxxxxx>
Date: 2010年12月20日 11:57:26 -0800
Delivery-date: 2010年12月20日 11:58:59 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <ieo1ei$nnd1ドル@xxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4D0F6353.9020305@xxxxxxxxxxx> <ienqak$hic1ドル@xxxxxxxxxxxxxxx> <4D0F6E75.9060704@xxxxxxxxxxx> <ienv5g$bdh1ドル@xxxxxxxxxxxxxxx> <4D0F8314.4020908@xxxxxxxxxxx> <ieo1ei$nnd1ドル@xxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101208 Thunderbird/3.1.7 
let's see if I understand, something like:
domU (eth0) -> (PCI passthru) -> nic0
this domU will be like an appliance firewall, eth0 which is directly configured to pci-dev nic0 is effectively the WAN interface of the domU firewall. 
other domU vms are on the LAN side of firewall, so you need a "virtual LAN"
bridging to lo interface can be problematic. instead, from dom0, configure several 'tap' interfaces (see tunctl), and those can act as LAN interface of the firewall domU and the interfaces of all other domU vms. They can all be bridged together 
tunctl -t tap0
tunctl -t tap1
...
# then
brctl addbr tap-br0
brctl addif tap-br0 tap0
brctl addif tap-br0 tap1
...
then assign tap0 to firewall domU, tap1 to first domU vm ...
is this what you're trying to accomplish?
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date: Re: [Xen-users] VGA Passthrough , chris
Next by Date: Re: [Xen-users] Re: Network isolation - PCI passthrough question , Simon Hobson
Previous by Thread: [Xen-users] Re: Network isolation - PCI passthrough question , Mike Fröhner
Next by Thread: Re: [Xen-users] Re: Network isolation - PCI passthrough question , Jean Baptiste FAVRE
Indexes: [Date] [Thread] [Top] [All Lists]

Copyright ©, Citrix Systems Inc. All rights reserved. Legal and Privacy
Citrix This site is hosted by Citrix

AltStyle によって変換されたページ (->オリジナル) /