How should I configure Xen to allow multiple different IP ranges in the domUs?

networking debian virtualization xen

I'll assume that 91.121.x.x is routed across the internet to the gateway at gateway 188.165.X.254

The gateway then needs a route for 91.121.x.x to go to the VM host at 188.165.X.Y

This means that any traffic trying to get to 91.121.x.x will end up at your Xen server.

In the previous question, all of the interfaces were on the same network, and so everything could be bridged to the main interface - this is a layer 2 connection.

However, in this case, the guests are on a different network to the host. We need a layer 3 - routed - connection.

Two things need to happen on the host

1) It needs an interface in the 91.121.x.x network 2) It needs to become a router

For (1) we have a similar network setup as before, however the physical interface is kept out of the bridge. We create a bridge interface for the virtual machines to connect to, but give it its own address separate from the eth0 interface:

auto lo br0 eth0

iface lo inet loopback

iface br0 inet static
        bridge_ports none
        address 91.121.x.1
        netmask 255.255.255.0

iface eth0 inet static
       address 188.165.X.Y
       netmask 255.255.255.0
       network 188.165.X.0
       broadcast 188.165.X.255
       gateway 188.165.X.254

Once this comes up, the server will have two interfaces, and can act as a router. This is off by default. Change /etc/sysctl.conf and make sure the following line is uncommented:

 net.ipv4.ip_forward=1

You can enable this temporarily at the command line with the following, but the change above is needed to survive a reboot:

 sysctl -w net.ipv4.ip_forward=1

Now the server will route packets that arrive on eth0 destined for 91.121.x.x out of the br0 interface. So now we need to bridge the vms to this interface. This is exactly as you normally do it, just putting it here for completeness:

In the .cfg:

 vif = ['bridge=br0, mac=00:16:3E:12:16:19']

In the domU interfaces file:

auto eth0
iface eth0 inet static
    address 91.121.A.B
    gateway 91.121.x.x (this is the dom0 br0 interface address)
    netmask 255.255.255.0

You can test all is working correctly across the bridge by pinging 91.121.x.x from domU to ping dom0 and ping 91.121.x.254 to ping domU from dom0. Then ping the dom0 outside interface from domu: 188.165.X.Y

The first ping proves the bridge is working, and the second proves the routing is working.

Related

How can I adjust by how much the sound volume changes every time I press the volume change keys?
ffmpeg merge dash cam mp4 videos with last second trimmed?
File syncing across multiple operating systems [closed]
Why have my network interfaces been renamed after installing Ubuntu, and how do I rename them back?
Find edited Word attachment opened via Windows Mail (Vista)
Why do I not get to the same website when using this IPv4 address instead of the url?
Unplugged wire in Dell Vostro 1510 laptop?
Can I backup using Time Machine and restore to another account?
What are the "Overlapping Squares" icon in status menu on login screen?
Is it possible to count time with Siri?
Really switch among all the applications by shortcuts
Renewal of App Store Developer Contract (Paid Applications)