Tom Eastep wrote: > [EMAIL PROTECTED] wrote: >> Thanks for your feedback Tom and thanks for Shorewall! I'll start >> installing KVM at home and give it a go. >> >> Any trick you can think of for me to make my DomUs available to the net? I >> can always install shorewall on them. > > I think that the XenMyWay approach is the way to go if you need to use > Shorewall with Xen and want to do NAT to the other DomUs.
Of course you have to be able to see the forest through all of the
trees. You wrote:
> Shows I still have a lot to learn about Xen. Am I right in thinking
> your setup will still only allow one DomU to use the public IP?
You are most definitely wrong. Simon described this setup:
WAN a.b.c.d <--> Dom1 ---+--- Dom0
Dom2 ---+
... |
DomN ---+
All of the DomUs AND DOM0 can access the internet through Dom1. This is
exactly the same thing IP-wise as this:
WAN a.b.c.d <-> FW -> switch ---- pc0
|---------pc1
|---------pc2
...
|---------pcN
That is exactly what the Shorewall two-interface Quickstart Guide shows
you how to set up. As Martin says, you just have to "put the
firewall/router/NAT in a DomU".
-Tom
--
Tom Eastep \ The ultimate result of shielding men from the
Shoreline, \ effects of folly is to fill the world with fools.
Washington, USA \ -Herbert Spencer
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
