====== Xen Networking ======
Under [[http://debian.org|Debian Linux]] (Wheezy, Xen 4.x), Xen expects the network to be defined as bridges at the DOM0 level. Thus, a simple Xen DOM0, with one interface, should define a bridge which is then passed to the virtuals.
===== Basic Setup =====
Assuming the interface name is eth0, we can create a bridge (called xenbr0 by convention) as follows:
iface eth0 inet manual
auto xenbr0
iface xenbr0 inet static
bridge_ports eth0
address 192.168.1.10
netmask 255.255.255.0
gateway 192.168.1.1
The first line, //iface eth0 inet manual// says "don't do anything with eth0", then the second line //auto xenbr0// says "automatically bring up xenbr0".
After this, we simply define xenbr0 the same way we normally would define eth0 with the one added line //bridge_ports eth0//, which tells us which ports to use on the bridge.
In our DOMU configuration, we simply define the vifs to use these bridges
vif= [
'mac=00:16:3e:42:1b:70,bridge=xenbr0,vifname=jenny0',
]
If you are using more than one interface, simply replicate the above
iface eth0 inet manual
auto xenbr0
iface xenbr0 inet static
bridge_ports eth0
address 192.168.1.10
netmask 255.255.255.0
gateway 192.168.1.1
iface eth1 inet manual
auto xenbr1
iface xenbr1 inet static
bridge_ports eth1
address 192.168.2.10
netmask 255.255.255.0
and your DOMU configuration turns into
vif= [
'mac=00:16:3e:42:1b:70,bridge=xenbr0,vifname=jenny0',
'mac=00:16:3e:42:1b:71,bridge=xenbr1,vifname=jenny1',
]
===== With vlans =====
When you add vlans to the mix, I do everything in the DOM0. Under Debian, simply install the vlan package
apt-get install vlan
then modify your interfaces file to use this. The syntax is found by adding a period and the vlan number to the end of the interface name, ie //eth0.10// would be vlan 10 on eth0.
iface eth0 inet manual
auto xenbr0.10
iface xenbr0.10 inet dhcp
bridge_ports eth0.10
In the above case, we have set xenbr0.10 to acquire it's IP address over DHCP. In the virtual configuration file, you end up with.
vif= [
'mac=00:16:3e:42:1b:70,bridge=xenbr0.10,vifname=server_outside',
'mac=00:16:3e:42:1b:71,bridge=xenbr0.20,vifname=server_lan',
]
===== Bonding and vlan =====
If you want to bond your ports together (Debian for LAPC), create your bond first, then use it as the basis for your bridged vlans.
To use bonding, you must install the ifenslave package under Debian
apt-get install ifenslave
By convention, the interfaces created are set up as bond0, bond1, etc... I believe it will work with other names, but have no idea if that is so. Somewhere, somehow it needs to realize we are using ifenslave, but I think that is when it sees the //slaves// parameter.
# create a bond using eth0 and eth1
auto bond0
iface bond0 inet manual
#bond-mode 802.3ad
bond-mode 4
bond-miimon 100
bond_xmit_hash_policy layer2+3
bond_lacp_rate slow
slaves eth0 eth1
auto xenbr0.10
iface xenbr0.10 inet manual
bridge_ports bond0.10
auto xenbr0.20
iface xenbr0.20 inet static
bridge_ports bond0.20
address 10.10.0.5
netmask 255.255.255.0
gateway 10.10.0.1
and your virtual's vif stays the same
vif= [
'mac=00:16:3e:42:1b:70,bridge=xenbr0.10,vifname=server1_outside',
'mac=00:16:3e:42:1b:71,bridge=xenbr0.20,vifname=server1_lan'
]
Note: Did you notice xenbr0.10 did not define any addresses at all? By placing //manual// in place of //dhcp// or //static//, you are defining **but not configuring** the interface. That means the DOM0 will not attempt to do networking on that interface. For that matter, a smart switch will not even get the MAC address of the DOM0's interface. However, the interface can still be passed on to the virtuals with full control.
===== Resources =====
* [[http://www.debian-administration.org/users/fugit/weblog/9]]
* [[https://tipstricks.itmatrix.eu/create-a-vlan-for-xen-virtual-machines/]]