Saturday, December 1, 2007

Xen Network bridging with hiding interfaces from Dom0

I don't usually allow all network interfaces in dom0 to be up and running with an IP address on them. I use those interfaces to bridge network traffic to the guests. The default Xen scripts bring up those interfaces in Dom0 and add them to the bridges specified. To prevent this I use the configuration below. Having multiple interfaces on Dom0 also disturbs my routing.

- Copy /etc/xen/scripts/network-bridge to /etc/xen/scripts/network-bridge-noifup. Edit /etc/xen/scripts/network-bridge-noifup and comment out the "do_ifup ${bridge}" lines (lines 201 and 228).

- Edit /etc/xen/xend-config.sxp and change

(network-script network-bridge)

to

(network-script network-bridge-custom)

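- Create /etc/xen/scripts/network-bridge-custom with the contents below. This is taken from my system, which has four interfaces.

#!/bin/sh
# $1 is the action passed in by xend and is handed on to each bridge script.
# eth0 uses the stock script, so it is still brought up in dom0.
/etc/xen/scripts/network-bridge "$1" netdev=eth0 bridge=xenbr0 vifnum=0
# eth1-eth3 use the copy with do_ifup commented out, so they are only bridged.
/etc/xen/scripts/network-bridge-noifup "$1" netdev=eth1 bridge=xenbr1 vifnum=1
/etc/xen/scripts/network-bridge-noifup "$1" netdev=eth2 bridge=xenbr2 vifnum=2
/etc/xen/scripts/network-bridge-noifup "$1" netdev=eth3 bridge=xenbr3 vifnum=3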

I usually reboot the system after making this sort of change.

After this I would export these devices to guests through the vif = parameter in the guest configuration file, e.g.:

vif = [ "mac=00:16:3e:7b:0e:a4,bridge=xenbr0", "mac=xx:xx:xx:xx:xx:xx, bridge=xenbr1" ]

This has worked very nicely for me.
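To confirm after the reboot that dom0 holds an address only on eth0, the check below (an added example, not part of the original post) reads `ip -o -4 addr show` output and lists any interface outside an allow-list that carries an IPv4 address. The function names, the allow-list and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: list dom0 interfaces that carry an IPv4 address but are not
# on the allow-list. Expects `ip -o -4 addr show` output on stdin.

# Assumption: only loopback and eth0 (the interface still handled by the
# stock network-bridge script) should hold an address in dom0.
ALLOWED="lo eth0"

# Prints one "ifname address/prefix" line per unexpected address.
# With `ip -o`, field 2 is the interface name and field 4 the address.
unexpected_dom0_addrs() {
    awk -v allowed="$ALLOWED" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $3 == "inet" && !($2 in ok) { print $2, $4 }
    '
}

# Constructed sample: eth1 was brought up in dom0 (do_ifup still active).
sample_leaky() { cat <<'EOF'
1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth0
5: eth1    inet 198.51.100.7/24 brd 198.51.100.255 scope global eth1
EOF
}

# Constructed sample: only lo and eth0 are addressed, as intended.
sample_clean() { cat <<'EOF'
1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth0
EOF
}

# Demo on the constructed input; on a real dom0 run instead:
#   ip -o -4 addr show | unexpected_dom0_addrs
echo "leaky sample:"
sample_leaky | unexpected_dom0_addrs
echo "clean sample (no lines expected):"
sample_clean | unexpected_dom0_addrs
```

Empty output means no interface other than those in ALLOWED has an IPv4 address in dom0.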