tomclegg.net



Xen 4.1 guest config for monowall
Posted May 12, 2013

With serial console on "xm console".

Use generic-pc-serial image.

Patch vif-common.sh if you want to give your network interfaces useful names in dom0 -- see serverfault article [1].

--- /etc/xen/scripts/vif-common.sh.orig 2013-04-19 04:34:08.000000000 -0700
+++ /etc/xen/scripts/vif-common.sh      2013-05-12 23:38:08.000000000 -0700
@@ -98,7 +98,9 @@
         vifname="${vifname}-emu"
         if [ "$command" == "add" ] && ! ip link show "$vifname" >&/dev/null
         then
+           ip link set "$dev" down
             do_or_die ip link set "$dev" name "$vifname"
+           ip link set "$vifname" up
         fi
         dev="$vifname"
     fi
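
Review bot: The two added lines (`ip link set "$dev" down` before the rename and `ip link set "$vifname" up` after it) are not wrapped in do_or_die, unlike the rename between them, so a failed `up` leaves the renamed interface down and the script carries on as if nothing happened. Suggest `do_or_die ip link set "$vifname" up`, and the same for the `down` so a failure is reported at the step that caused it rather than at the rename. The `up` is also unconditional: an interface that was down before this block ran will come back up, which is worth a one-line comment in the script.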

Dedicate one of dom0's network interfaces to monowall's WAN interface to ensure your DHCP leases match the MAC addresses on the wire (this is necessary for Telus and presumably other ISPs too). See br1 below.

# /etc/network/interfaces
auto lo br0 br1

iface lo inet loopback

iface br0 inet static
  address 10.9.8.20
  netmask 255.255.255.0
  gateway 10.9.8.1
  bridge_ports eth0

iface br1 inet static
  address 0.0.0.0
  bridge_ports eth1
  post-up /sbin/ifconfig eth1 up hw ether fe:ff:ff:ff:ff:ff

Either reboot or run ifup br1.

In your guest config, use eth1's real MAC address as vif_gw1's emulated MAC address (co:py:fr:om:et:h1 below is a placeholder for it):

kernel = '/usr/lib/xen-4.1/boot/hvmloader'
builder = 'hvm'
memory = 128
device_model = '/usr/lib/xen-4.1/bin/qemu-dm'
vif = ['mac=2:3:4:5:6:7, bridge=br0, vifname=vif_gw0, type=ioemu', 'mac=co:py:fr:om:et:h1, bridge=br1, vifname=vif_gw1, type=ioemu']
disk = ['phy:/dev/mapper/vg0-gw--root,ioemu:hda,w']
boot = 'c'
serial = 'pty'
name = 'gw'
vcpus = 1
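
A check for the step above, as an added example that is not part of the original page: it parses the guest config's vif line and confirms that the vif on br1 carries the MAC you expect, catching a leftover placeholder or a typo. The function names, the temporary sample file and the MAC 00:11:22:aa:bb:cc are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm the vif on a given bridge carries the expected MAC.

# normalize_mac MAC: print as lowercase xx:xx:xx:xx:xx:xx, or fail if invalid.
normalize_mac() {
    printf '%s\n' "$1" | awk -F: '
        NF != 6 { exit 1 }
        {
            out = ""
            for (i = 1; i <= 6; i++) {
                o = tolower($i)
                if (o !~ /^[0-9a-f][0-9a-f]?$/) exit 1
                if (length(o) == 1) o = "0" o
                out = out (i > 1 ? ":" : "") o
            }
            print out
        }'
}

# vif_mac_for_bridge CONFIG BRIDGE: print the mac= value of the vif on BRIDGE.
vif_mac_for_bridge() {
    awk -v br="$2" -F"'" '
        /^[ \t]*vif[ \t]*=/ {
            for (i = 2; i <= NF; i += 2) {   # even fields are the quoted vif specs
                n = split($i, kv, /,[ \t]*/); mac = ""; hit = 0
                for (j = 1; j <= n; j++) {
                    if (kv[j] == "bridge=" br) hit = 1
                    if (kv[j] ~ /^mac=/) mac = substr(kv[j], 5)
                }
                if (hit) { print mac; exit }
            }
        }' "$1"
}

# check_wan_mac CONFIG BRIDGE EXPECTED: 0 = match, 1 = wrong/invalid, 2 = usage.
check_wan_mac() {
    want=$(normalize_mac "$3") || { echo "bad expected MAC: $3" >&2; return 2; }
    raw=$(vif_mac_for_bridge "$1" "$2")
    [ -n "$raw" ] || { echo "no vif with a mac on bridge $2" >&2; return 2; }
    have=$(normalize_mac "$raw") || { echo "config MAC invalid: $raw" >&2; return 1; }
    [ "$have" = "$want" ] || { echo "mismatch: $have != $want" >&2; return 1; }
}

# Constructed sample: the guest config vif line with a made-up WAN MAC.
sample_cfg=$(mktemp)
cat > "$sample_cfg" <<'EOF'
vif = ['mac=2:3:4:5:6:7, bridge=br0, vifname=vif_gw0, type=ioemu', 'mac=00:11:22:AA:BB:CC, bridge=br1, vifname=vif_gw1, type=ioemu']
EOF
check_wan_mac "$sample_cfg" br1 00:11:22:aa:bb:cc && echo "br1 vif MAC matches"
```

On dom0, take the expected value from `ethtool -P eth1` (the permanent address), because the post-up line above overwrites the address that `ip link` reports for eth1.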

[1] Otherwise you get:

Error: Device 0 (vif) could not be connected. ip link set vif10.0-emu name vif_gw0-emu failed