0

I have two physical hosts running Xen 3.2, sharing storage via iSCSI. On these two hosts are a number of domUs and I'd like to network them in multiple private networks so they can only contact other domUs on their private network.

My understanding of the Xen documentation suggests it's possible to do this within one dom0 (i.e. create virtual networks between domUs), but I've found nothing explaining how this can be implemented across multiple dom0s on different hosts. The only thing that jumps to mind is manually creating iptables rules to route data to the other host, but this seems to lack elegance and could quickly grow cumbersome.

Any suggestions? All advice is much appreciated!

Joe

2 Answers

1

You should take a look at Open vSwitch.

From the web site:

Open vSwitch is a multilayer virtual switch licensed under the open source Apache 2 license. Our goal is to build a production quality switch for VM environments that supports standard management interfaces (e.g. NetFlow, RSPAN, ERSPAN, IOS-like CLI), and is open to programmatic extension and control. In addition, it is designed to support distribution across multiple physical servers similar to VMware’s distributed vswitch or Cisco’s Nexus 1000V.

Open vSwitch currently supports multiple virtualization technologies. It is the default switch in the Xen Cloud Platform. And it supports open source Xen, XenServer, KVM, and VirtualBox. The bulk of the code is written in platform-independent C and is easily ported to other environments.

sajb
  • Interesting. I can't find much documentation specially addressing how to implement it with Xen (as against XenServer), do you know of any out there? – Joe May 23 '10 at 14:38
  • No, I don't really. I just read the announcement of the 1.0.0 release last week. I am most familiar with the VMware products, just keeping an eye on the other products in the field. – sajb May 23 '10 at 15:11
0

I'm not sure if it will help but you might want to consider using VLANs?

sybreon
  • Indeed, it looks like it would be possible to produce the functionality needed using VLANs. The suggestion of Open vSwitch or something specifically written for Xen seems more appealing, though, so I am going to have a look into that. – Joe May 23 '10 at 14:41
  • It's preferable for the traffic not to have to bounce off the physical layer. – Dan Carley Jun 21 '10 at 16:26
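
The VLAN approach suggested in this answer, sketched as an added example that is not part of the original thread: run the same script on every dom0 so that each private network is one 802.1Q VLAN attached to its own bridge. Assumptions: iproute2 is available in dom0, the NIC name `eth1`, the `xenbr<ID>` bridge names and the VLAN IDs are hypothetical, and the switch ports between the hosts trunk those VLANs.

```shell
#!/bin/sh
# Added example (not from the thread): one VLAN + one bridge per private network.
# Run with the same VLAN IDs on each dom0. The bridges get no IP address, so
# dom0 has no layer-3 presence on them and does not route between networks.
TRUNK_IF="${TRUNK_IF:-eth1}"   # assumed NIC cabled to a trunk port
DRY_RUN="${DRY_RUN:-1}"        # 1 = print the commands, 0 = execute them (root)

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# 802.1Q allows IDs 1-4094; reject empty, non-numeric and zero-padded input.
valid_vlan() {
    case "$1" in
        ''|*[!0-9]*|0*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 4094 ]
}

# Create the tagged sub-interface and a bridge that carries only that VLAN.
setup_private_net() {
    vid="$1"
    valid_vlan "$vid" || { echo "invalid VLAN id: $vid" >&2; return 1; }
    vlan_if="${TRUNK_IF}.${vid}"
    br="xenbr${vid}"
    run ip link add link "$TRUNK_IF" name "$vlan_if" type vlan id "$vid"
    run ip link add name "$br" type bridge
    run ip link set dev "$vlan_if" master "$br"
    run ip link set dev "$vlan_if" up
    run ip link set dev "$br" up
}

# Line for the domU config file so the guest attaches only to its own bridge.
domu_vif_line() {
    valid_vlan "$1" || return 1
    echo "vif = [ 'bridge=xenbr$1' ]"
}

# Usage: sh script.sh 10 20 30   (no arguments: nothing is changed)
for id in "$@"; do
    setup_private_net "$id" || exit 1
done
```

A domU on either host whose config carries the line printed by `domu_vif_line 10` shares a layer-2 segment only with other guests bridged to VLAN 10.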