Nethence Documentation Lab Webmail Your IP BBDock  


Those documents are obsolete, please use the Nethence Documentation instead.

HomeUnixWindowsOracleObsoleteHardwareDIYMechanicsScriptsConfigsPrivate

XEN -- NAT network configuration
 
 
Dom0
Create a custom wrapper,
cd /etc/xen/scripts
vi nat
like,
#!/bin/ksh
op=$1
[[ $op != start && $op != stop ]] && print "start|stop" && exit 1
br=/etc/xen/scripts/network-bridge
cmd="$br $op bridge=natbr netdev=dummy0 vifnum=1"
echo -n $cmd...
$cmd && echo done
unset op br
fix perms,
chmod +x nat
cd ..
 
Enable forwarding, on RHEL or Slackware (create if doesn't exist),
vi /etc/sysctl.conf
add,
net.ipv4.ip_forward = 1
apply,
sysctl -p
 
Create a dummy interface. On RHEL,
cd /etc/sysconfig/network-scripts
vi ifcfg-dummy0
like,
DEVICE=dummy0
BOOTPROTO=static
IPADDR=10.1.1.254
NETMASK=255.255.255.0
TYPE=Ethernet
ONBOOT=yes
 
Add those filter rules,
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -P FORWARD ACCEPT
iptables -t nat -A POSTROUTING -s 10.1.1.0/24 -o eth0 -j MASQUERADE
iptables -A INPUT -i dummy0 -s 10.1.1.0/24 -j ACCEPT
iptables -A OUTPUT -o dummy0 -d 10.1.1.0/24 -j ACCEPT
and to redirect port 80 to 10.1.1.1,
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 \
-j DNAT --to-destination 10.1.1.1:80
 

Last update: Jun 28, 2011