Tom Eastep wrote: > This morning, I have reconfigured my Xen system to use a routed Xen network > configuration. I've documented what I did in > http://www1.shorewall.net/XenMyWay-Routed.html > > Yea -- no more Xen bridges!
Apologies for dragging up this old topic, but I have a question. (And I'm greatly appreciative of you showing how to run a firewall in a DomU.) What are the advantages to running your firewall in Dom0 instead of a DomU? Does it make it easier to DNAT to DomUs on the same server? If I'm running the firewall software in a DomU and I have 2 identically configured boxes, it seems like it would be easier to migrate the firewall DomU to another box if we run into hardware issues on the first box. Or maybe I just need to make the backup plan to pull the HDs from the primary box and place them into the secondary box while running the firewall in Dom0. (I'm also working on using bonded interfaces, which is slightly outside the scope of this list.) ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
