Been playing with the new virt layer in RHEL5 and having a blast. I did have to make some changes to get NAT to work with guest domains. Nothing huge, just created a dummy network device and bridged to that instead of the normal eth0 as such -
# Dummy interface for Xen
/etc/xen/xend-config.sxp – changed
(network-script network-bridge) to
(network-script 'network-bridge netdev=dummy0')
I then enabled NAT for the interfaces -
/etc/sysctl.conf – changed
net.ipv4.ip_forward = 1 to
net.ipv4.ip_forward = 1 and ran
sysctl -p to make the change live
Last step was doing the needful iptables setup. Running
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE will setup the basics, you may also have to add a rule to allow the traffic on the dummy interface
iptables -I INPUT -i dummy+ -j ACCEPT. The ‘-I’ is important with the default RHEL firewall as it is evaluated before the other rules.
The RHEL5 XEN nat’ing by Matthew Schick, unless otherwise expressly stated, is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.