Codewut Because Software Matters

My current XEN installation has some unconventional setup. On my new root server I have to use routed network setup / script since I need to provide the default gateway for my assigned subnet to my XEN guests by myown.

In a common scenario, where each guest gets his own Public IP, this might not be a problem. In my case there was a need for a secondary private network where I would add proxied hosts (i.e. one for java applications proxied by apache).

Unfortunately the network scripts shipped with XEN 3.1.0 does not provide any out of the box support for such setup. So here is what I have hacked:

• dom-0 gets a eth0:1 NIC alias set to 192.168.1.1
• dom-u gets eth0 with a public IP and eth1: a private one like 192.168.1.100 (it's very important to include both of the ip addresses in the guest-configuration file!)

to enable routing you need to patch the vif-route script in order to get your private network routed properly.

Replace:

if [ "${ip}" ] ; then
    for addr in ${ip} ; do
      ${cmdprefix} ip route ${ipcmd} ${addr} dev ${vif} src ${main_ip}
    done
fi

With:

if [ "${ip}" ] ; then
    for addr in ${ip} ; do
 
        base=${ip:0:3}
        route_ip=${main_ip}
 
        if [ "$base" = "192" ]
        then
                echo "private ip detected, ${ip}" >> /xen-debug
                route_ip="192.168.1.1"
        else
                echo "public ip detected, ${ip}" >> /xen-debug
        fi
 
        ${cmdprefix} ip route ${ipcmd} ${addr} dev ${vif} src ${route_ip}
        echo "${cmdprefix} ip route ${ipcmd} ${addr} dev ${vif} src ${route_ip}" >> /xen-debug
    done
fi

Not pretty, but it will do. The hardcoded eth0:1 IP address could be obtained from the ifconfig / IP output.

Actually I did not modify the original /etc/xen/scripts/vif-bridge script but did copy that one and add here the custom patches. Don't forget to change the (vif-script ...) in the main XEN config so it points to the new custom script.