To create a virtual private LAN which allows to communicate between Xen virtual machines (DOMx) via eth1 including the DOM0(dummy0), follow these instructions. This will create a bridge in xen DOM0 and a new interface(eth1) in the DOMx (in our case ‘vsystem1’).
NOTE: This method implies that the eth0 is also bridged. In case you need a mixed method situation, eg. routed-eth0(Internet) and bridged-dummy0(Intranet), then I suggest you have a look at the other post called: Create a mixed (routed & bridged) private VLAN for Xen Virtual Machines.
NOTE:
If you want to do the same with a real interface eg. eth1 the just omit the step 1 below and replace the word ‘dummy0’ with ‘eth1’
Building a dummy interface and bridge in DOM0
1) Add the dummy interface driver to the auto-loaded moludes
echo dummy >> /etc/modules
2) Configure the network interface:
/etc/network/interfaces
auto dummy0
iface dummy0 inet static
address 192.168.100.1
netmask 255.255.255.0
3) Bring up the dummy0 interface:
ifup dummy0
4) Create a network settings wrapper:
/etc/xen/scripts/network-bridge-eth0-dummy0
#!/bin/sh
/etc/xen/scripts/network-bridge "$@" netdev=eth0
sleep 4
/etc/xen/scripts/network-bridge "$@" netdev=dummy0
5) Set the running rights to the script
chmod 755 /etc/xen/scripts/network-bridge-eth0-dummy0
6) Instead of using the default network-script use the above new wrapper script:
/etc/xen/xend-config.sxp
(network-script network-bridge-eth0-dummy0)
7) Create manually the bridge for the dummy0 interface for now instead of booting.
(Because of the wrapper script it will be created automatically at boot-up)
Run the command:
/etc/xen/scripts/network-bridge start netdev=dummy0 antispoof=no
You should get the following message and then the normal shell prompt:
'Waiting for pdummy0 to negotiate link.'
8)Check if the new bridge is present:
ifconfig pdummy0
Good example of result:
pdummy0 Link encap:Ethernet HWaddr d2:1b:97:ac:b0:74
inet6 addr: fe80::d01b:97ff:feac:b074/64 Scope:Link
UP BROADCAST RUNNING NOARP PROMISC MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:888 (888.0 B)
9) Configure your Xen Domx virtual machine for eth1:
(It should be written all in one line)
/etc/xen/vsystem1.cfg
vif = [ 'ip=91.184.57.186,mac=00:16:3E:D7:9C:F4,bridge=eth0' , 'ip=192.168.100.100,mac=00:16:3E:D7:9C:F6,bridge=dummy0']
10) Bring down your vsystem1 DOMx machine
xm shutdown vsystem1
11) Mount the virtual disk in loop (for configuring the eth1 interface in it)
(Here we are assuming the virtual disk is /Xen/domains/vsystem1/disk.img)
mkdir /mnt/vsystem1
mount -o loop,rw /Xen/domains/vsystem1/disk.img /mnt/vsystem1
12) Configure the eth1 in the virtual disk
vim /mnt/vsystem1/etc/network/interfaces
Add the following lines and save the file:
auto eth1
iface eth1 inet static
address 192.168.100.100
netmask 255.255.255.0
13) Unmount the virtual disk
umount /mnt/vsystem1
14) Start the virtual machine
xm create /etc/xen/vsystem1.cfg -c
15) Login as root and check that the eth1 is configured
ifconfig eth1
NOTE:
To configure more virtual machines to use eth1 repeat the above steps 9 to 15 for each virtual machine.
NOT TO FORGET:
– You’ll need to configure your firewall in the DOM0 to forward the packets from one machine to another
– Do change the MAC address for each virtual machine you configure this way
– Set the ip_forwarding in the kernel of DOM0
echo 1 >/proc/sys/net/ipv4/ip_forward