I'm wondering if Open Solaris + xVM will allow me to do the following: I currently have 2 Solaris 10 servers sucking down electrons that I would like to consolidate into 2 xVM instances on a Solaris 11 quad core box.
This is what it looks like: Internet --->A sol 10 FW/Web B>---->C Sol 10 app/mail D---> local LAN So interface A is connected to the Internet. The FW/Web box runs IP Filter for FW + NAT, plus there are web services on that system. Interface B connects via crossover cable to interface C on another box running Solaris 10/IPFilter (again) as an app/file/mail server for the local lan. What I'd like to do is UFS dump the OS images into xVM images and connect them up with the same network topology. I have enough hardware to put 6 ethernets into the new box. So my questions are: 1) Can I dedicate an interface to an xVM instance without plumbing an IP on the host Sol 11 box such that I can run IPFilter in xVM as a FW and not have that interface used as an attack vector to the host? I would then dedicate 3 interfaces to xVM instances. 2 interfaces to the first Solaris 10 instance, 1 for the connection to the Internet, and the other to a cross over to another port dedicated to the 2nd Solaris 10 instance. The 4th could then be shared between the 2nd instance and the host. Ideally it, if this could be done as above, It would be cool if I could somehow virtually plumb two virtual interfaces between xVM instances for high speed communications w/o having to use physical hardware, and for increased performance, but again, without having IP plumbed on the host to use as an attack vector. Any thoughts? (Yes I know this is somewhat convoluted perhaps, and eventually once Solaris 11 is officially released I'll consider using zones and IP instances, but until then I'd like not to have to reconfigure two highly customized Solaris 10 systems just to save on power...) This message posted from opensolaris.org _______________________________________________ xen-discuss mailing list [email protected]
