ia64/xen-unstable

view docs/man/xend-config.sxp.pod.5 @ 16739:33dcf04d7715

tools/docs: Fix example and default IP addresses.

In various places in documentation and code, IP addresses are provided
as examples, defaults, or dummy configuration. In general the
specific IP addresses used in Xen are not always appropriate. (For
example, 1.2.3.4 is used in a few places!)

The following addresses should be used:
* For examples and documentation, 192.0.2.0/24. (See RFC3330.)
* For defaults for private networks, a random network from RFC1918.
I have randomly selected 172.30.206.0/24 for this purpose and
documented this in at the only registry I know of,
www.ucam.org/cam-grin. This network should henceforth be used for
default configurations of local bridges, test networks, etc. in
Xen tools.

The following addresses should NOT be used:
* 10.0.*.*, 10.1.*.*, 192.168.0.*, 192.168.1.*, etc. Using these
addresses gives greatly increased likelihood of collision, as
ignorant network administrators and reckless middlebox vendors
often pick networks from the bottom of 10/8 and 192.168/16.
* 169.254.*.*. These are reserved for zeroconf (ad-hoc networking)
and should not be used for Xen private networks, bridges, etc.,
etc. Use of these addresses by Xen scripts causes trouble on hosts
(eg laptops) which find themselves in ad-hoc networking
environments. I think this is not hypothetical (!) since at least
one Linux distribution have specific code to detect this case and
cause Xen startup to fail iff the host already has an external
zeroconf address.
* 1.2.3.4. WTF !?

I have also used 127.0.255.255 in one place where apparently a dummy
address is needed (some Linux kernels won't accept a lack of an NFS
server address). If 127.0.255.255 is mistakenly used it is unlikely
to do any damage to real traffic even if it does escape into the
network at large.

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
author Keir Fraser <keir.fraser@citrix.com>
date Thu Jan 17 15:13:40 2008 +0000 (2008-01-17)
parents 3798ec84431d
children 62ec6aae4ba9
line source
1 =head1 NAME
3 xend-config.sxp - Xen daemon configuration file
5 =head1 SYNOPSIS
7 /etc/xen/xend-config.sxp
9 =head1 DESCRIPTION
11 The xend(1) program requires xend-config.sxp to specify operating
12 parameters which determine the behavior of the daemon at runtime.
14 The parameters are specified in S-expression format. See the example
15 configuration file in I</etc/xen/xend-config.sxp> for details.
17 =head1 OPTIONS
19 The following lists the daemon configuration parameters:
21 =over 4
23 =item I<logfile>
25 The location of the file to record runtime log messages. Defaults to
26 I</var/log/xen/xend.log>.
28 =item I<loglevel>
30 Filters out messages below the specified level. Possible values are
31 DEBUG, INFO, WARNING, ERROR, CRITICAL. Defaults to I<DEBUG>.
33 =item I<xend-http-server>
35 A boolean value that tells xend whether or not to start the http
36 stream socket management server. Defaults to I<no>.
38 =item I<xend-unix-server>
40 A boolean value that tells xend whether or not to start the unix
41 domain socket management server. This is required for the CLI tools
42 to operate. Defaults to I<yes>.
44 =item I<xend-relocation-server>
46 A boolean value that tells xend whether or not to start the relocation
47 server. This is required for cross-machine migrations. Defaults to
48 I<no>.
50 =item I<xend-unix-path>
52 The location of the unix domain socket the xend-unix-server will use
53 to communicate with the management tools. Defaults to
54 I</var/lib/xend/xend-socket>.
56 =item I<xend-port>
58 The port that will be used by the http management server. Defaults to
59 I<8000>.
61 =item I<xend-relocation-port>
63 The port that will be used by the relocation server. Defaults to
64 I<8002>.
66 =item I<xend-address>
68 The address to which the http management server will bind. Defaults
69 to I<''> which means "all interfaces".
71 =item I<xend-relocation-address>
73 The address to which the relocation server will bind. Defaults to
74 I<''> which means "all interfaces".
76 =item I<console-limit>
78 The kilobyte buffer limit that will be enforced by the console server.
79 This limit is set per-domain, and is needed to prevent a single domain
80 from overwhelming the console server with massive amounts of data.
81 Defaults to I<1024>.
83 =item I<network-script>
85 The name of the script in I</etc/xen/scripts> that will be run to
86 setup the networking environment. This can be any name, but in
87 general is either I<network-bridge> or I<network-route>.
89 =item I<vif-script>
91 The name of the script in I</etc/xen/scripts> that will be run to
92 setup a virtual interface when it is created or destroyed. This needs
93 to (in general) work in unison with the I<network-script>.
95 =item I<dom0-min-mem>
97 This specifies the minimum number of megabytes that will be reserved
98 for Domain0. If this value is positive, Domain0 will be automatically
99 ballooned down to this limit to make space for new domains. If this
100 is set to 0, Domain0 will not be automatically ballooned.
102 =item I<dom0-cpus>
104 This specifies the number of CPUs that Domain0 will be allowed to use.
105 If the value is 0, all available CPUs will be used by Domain0.
107 =item I<enable-dump>
109 A boolean value that tells xend whether or not core dumps of guest
110 domains should be saved when a crash occurs. Defaults to I<no>.
112 =item I<external-migration-tool>
114 The name of an application or script that can handle external device
115 migration, such as for example virtual TPM migration. An example
116 script is I</etc/xen/scripts/external-device-migrate>.
118 =back
120 =head1 EXAMPLES
122 An example configuration with relocation enabled for the local network:
124 =over 4
126 (xend-relocation-server yes)
127 (xend-relocation-address 192.0.2.192)
128 (network-script network-bridge)
129 (vif-script vif-bridge)
130 (dom0-min-mem 0)
131 (dom0-cpus 0)
133 =back
135 =head1 CAVEATS
137 Note that relocation is currently unsecured and is very dangerous if
138 left enabled. No authentication is performed, and very little sanity
139 checking takes place. Enable at your own risk.
141 =head1 SEE ALSO
143 B<xend>(1)
145 =head1 AUTHOR
147 Dan Smith <danms@us.ibm.com>