Inform dom0 that it should forward requests for certain ports to this VLAN.
In order to do this, first we need to enable NAT on dom0:
# iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -j MASQUERADE
9. We can now set up rules for forwarding the ports to the correct virtual
machine. Let's first forward port 80:
# iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 80 -j DNAT --to 192.168.2.2:80
10. Forward the mysql port 3306 next:
# iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 3306 -j DNAT --to 192.168.2.3:3306
Restart xend and create the virtual machines. Now we have a simple network
configuration with the dom0 forwarding requests to a guest domain inside a VLAN
based on the port. If the public IP address of dom0 is 10.10.1.176 and a request is
made to 10.10.1.176:80, dom0 will forward the request to 192.168.2.2:80, inside the VLAN.
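The following audit script is an added example, not part of the original text: it reads `iptables-save` output and lists every port that dom0 forwards into the VLAN, flagging forwards that accept traffic from any source address (as the MySQL rule above does). The function names and the sample dump are constructed for illustration; the dump shows the nat table as `iptables-save` would print it after the three commands in this procedure.

```shell
#!/bin/sh
# Constructed sample: nat table after the MASQUERADE and two DNAT rules above.
# (iptables-save prints --to as --to-destination and adds "-m tcp".)
SAMPLE_NAT='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.2.2:80
-A PREROUTING -i eth0 -p tcp -m tcp --dport 3306 -j DNAT --to-destination 192.168.2.3:3306
-A POSTROUTING -s 192.168.0.0/16 -j MASQUERADE
COMMIT'

# audit_dnat: read iptables-save text on stdin and print one line per
# PREROUTING DNAT rule:  <in-iface> <proto> <dport> -> <target> source=<cidr|any>
audit_dnat() {
    awk '
    $1 == "-A" && $2 == "PREROUTING" {
        iface = "any"; proto = "any"; dport = "any"; src = "any"
        dst = ""; dnat = 0
        for (i = 3; i < NF; i++) {
            if ($i == "-i") iface = $(i + 1)
            else if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport") dport = $(i + 1)
            # keep a leading "!" so a negated source match stays visible
            else if ($i == "-s") src = ($(i - 1) == "!" ? "!" : "") $(i + 1)
            else if ($i == "-j" && $(i + 1) == "DNAT") dnat = 1
            else if ($i == "--to-destination" || $i == "--to") dst = $(i + 1)
        }
        if (dnat)
            printf "%s %s %s -> %s source=%s\n", iface, proto, dport, dst, src
    }'
}

# open_dnat: only the forwards that have no -s restriction at all.
open_dnat() {
    audit_dnat | awk '/source=any$/'
}

# On a live dom0 (as root):  iptables-save -t nat | open_dnat
printf '%s\n' "$SAMPLE_NAT" | open_dnat
```

A forward that should only be reachable from known clients can carry a source match (`-s <client network>`) in its PREROUTING rule, after which it no longer appears in the `open_dnat` output.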
What Just Happened?
We leveraged a single available IP address and used the technique of NAT to
forward requests to virtual machines inside a VLAN. This is a fairly powerful
technique making it easy to add additional guest domains inside the network and
provide access to them by forwarding requests from dom0. You can add domains
anywhere on the physical network but they will appear as part of the same subnet.
Summary
In this chapter we explored three different ways of configuring networking when
using Xen:
Bridged networking: Connects two network segments by using a network
bridge and utilizes the hardware MAC addresses.