Tapas Mishra wrote:
> On Sat, Apr 10, 2010 at 10:50 PM, Jason Edgecombe
> <ja...@rampaginggeek.com> wrote:
>
>> ok, I'm a little confused. Please confirm that I understand this correctly.
>>
>> You have 6 hosts:
>>
> Right
>
>> two physical machines: A( xenhost dom0) & B (non-xen)
>>
> Right
>
>> four xen domU's: a,b,c,d
>>
> Right
>
>> You have two physical networks: Net1 (public internet), and Net2 (private
>> net)
>>
> Yes 2 networks
>
>> Xen host A is connected to both Net1 and Net2.
>>
> Yes on same interface.
>
>> Host A has a xen bridged
>>
> Yes now this is the problem whether bridge is running on it or not I am
> not sure although
> brctl show
> gives an output bridge name eth2
> but I am using xen 3.2 and in xen 3.3 and onwards the default name of
> bridge is same as
> the ethernet card.
>
>> network with Net2, so that a, b, c, and d are all bridged to Net2.
>>
>> Host B is Net2.
>>
>
>> Is this correct?
>>
> Yes
>
> Ok by the time you replied I had figured out see if it is right.
> Dom0 is acting as a router here
> as this page says
> dom0 from acting as an IP router: echo 0 > /proc/sys/net/ipv4/ip_forward.
> So the way I explained ssh is working from behind.
>
> Now the thing is I want to go to setup IPTABLES and NAT on Dom0 for
> the virtual hosts.
> I am very well aware of IPTABLES but Xen Dom0 is confusing me.
> I want these virtual hosts to be able to connect to internet as I run apt-get
> or commands so I will be creating a squid proxy on Dom0 for
> DomU's to be behind Dom0 is it possible if yes if you can provide me
> some link that may help me a bit.
> Xen network wiki page talks something about ebtables.
> http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html
> Now here is I am confused at ebtables and iptables.
>
You shouldn't need to use ebtables. Iptables should work.
For your situation, you will need "echo 1 > /proc/sys/net/ipv4/ip_forward". You should be able to set up a bridge, but use the private NIC instead of the public NIC on dom0, then just follow a NAT tutorial. Leave the ssh forwarding and apache proxy until last.

Jason
_______________________________________________
Linux-PowerEdge mailing list
Linux-PowerEdge@dell.com
https://lists.us.dell.com/mailman/listinfo/linux-poweredge
Please read the FAQ at http://lists.us.dell.com/faq
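
A default-deny forwarding ruleset to go with the NAT setup discussed above, as an added example that is not part of the original thread. The public NIC name eth0 and the domU subnet 192.168.100.0/24 are assumed values, and eth2 (the bridge name from the thread) is assumed to be the private bridge.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset for NAT on dom0 (added example).
# Assumed values, not from the thread: public NIC eth0, domU subnet
# 192.168.100.0/24, eth2 used as the private bridge.
# Apply as root on dom0:
#   echo 1 > /proc/sys/net/ipv4/ip_forward
#   dom0_nat_rules eth0 eth2 192.168.100.0/24 | iptables-restore --noflush

valid_if() {    # interface name: 1-15 chars from a restricted set
    case $1 in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

valid_cidr() {  # dotted quad with a /0-32 prefix, each octet 0-255
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' || return 1
    for octet in $(printf '%s\n' "${1%/*}" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

dom0_nat_rules() {
    pub_if=$1 priv_br=$2 subnet=$3
    valid_if "$pub_if" && valid_if "$priv_br" || { echo "bad interface name" >&2; return 2; }
    valid_cidr "$subnet" || { echo "bad subnet" >&2; return 2; }
    # NAT needs a distinct outside interface; bridge the private NIC only.
    [ "$pub_if" != "$priv_br" ] || { echo "interfaces must differ" >&2; return 2; }
    # With ip_forward=1 dom0 routes for everyone, so FORWARD defaults to DROP.
    # Frames bridged inside $priv_br also hit FORWARD when
    # bridge-nf-call-iptables is 1, hence the explicit intra-bridge rule.
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $subnet -o $pub_if -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i $priv_br -o $priv_br -j ACCEPT
-A FORWARD -i $priv_br -o $pub_if -s $subnet -j ACCEPT
-A FORWARD -i $pub_if -o $priv_br -d $subnet -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}
```

The `--noflush` option keeps any FORWARD rules already present on dom0; running the command twice appends the rules a second time.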