Kamis, 03 Oktober 2013

Bristol Digest, Vol 519, Issue 1

Send Bristol mailing list submissions to
bristol@mailman.lug.org.uk

To subscribe or unsubscribe via the World Wide Web, visit
https://mailman.lug.org.uk/mailman/listinfo/bristol
or, via email, send a message with subject or body 'help' to
bristol-request@mailman.lug.org.uk

You can reach the person managing the list at
bristol-owner@mailman.lug.org.uk

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Bristol digest..."


Today's Topics:

1. Xen and Ubuntu (Adey Hobson-Merrett)


----------------------------------------------------------------------

Message: 1
Date: Wed, 2 Oct 2013 23:26:16 +0100
From: Adey Hobson-Merrett <a.hobsonmerrett@gmail.com>
To: bristol@mailman.lug.org.uk
Subject: [bristol] Xen and Ubuntu
Message-ID:
<CAFHqiUagFv2qDeZm+M7Dtu3o4k64LxpFmPWFFPjVVoLuN1h5UA@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"

Hello all,

I'm running Xen 4.2.2 on Ubuntu 13.04 with kernel: 3.8.0-19-generic.

Xen is working and I can build pv and hvm domains. I hoping for some
guidance on Driver Domains for enhancing the security of my server.

What I'm struggling with is the lack of clarity with the documentation or
response from the irc channel ##xen to questions:

I am confused about driver domains and pass through. The documentation
states that if a device is passed through it is not available to dom0,
therefore I should not be able to add it as a driver domain. The
documentation here contradicts itself at the end and says I should be able
to:

http://wiki.xen.org/wiki/Driver_Domain

The above states as one of the steps to configure pci pass through, which I
have done and modified my /etc/network/interfaces to not use the bridge
that was attached to that interface as it is no longer available.

As the Interface is set with xl pci-asignable-add 07:00.0 it no longer
shows up as eth0 for ifconfig.
xl pci-assinable-list shows that the network card is available.

So how would I assign it as a vif='backend=domain,bridge=xenbr1' in a
configuration file?

The line pci = ['07:00.0'] in the domain that it is being attached to
works, the adapter is available to the virtual domain and works.

It is also not clear from the documentation if netfilter is in affect for
this interface. I assume it is not as it is not available to dom0.


Please let me know if you need any additional information or clarification.

Adey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.lug.org.uk/mailman/private/bristol/attachments/20131002/ca9947c5/attachment-0001.html>

------------------------------

_______________________________________________
Bristol mailing list
Bristol@mailman.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/bristol

End of Bristol Digest, Vol 519, Issue 1
***************************************
Diposting oleh di

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)