ia64/xen-unstable

view tools/misc/xen_nat_enable.README @ 733:7192aa19b83c

bitkeeper revision 1.435 (3f69af50wevcD9qxxa6gtfBJnXEBEw)

Merge labyrinth.cl.cam.ac.uk:/auto/groups/xeno/BK/xeno.bk
into labyrinth.cl.cam.ac.uk:/auto/anfs/scratch/labyrinth/iap10/xeno-clone/xeno.bk
author iap10@labyrinth.cl.cam.ac.uk
date Thu Sep 18 13:12:48 2003 +0000 (2003-09-18)
parents 63f8f6b56437
children
line source
1 To use NAT in domain 0 to give access for other domains:
2 1) Make sure domain 0's kernel contains at least the following options:
3 (other domains don't need this)
5 CONFIG_NETFILTER=y
6 CONFIG_IP_NF_CONNTRACK=y
7 CONFIG_IP_NF_FTP=y
8 CONFIG_IP_NF_IPTABLES=y
9 CONFIG_IP_NF_MATCH_STATE=y
10 CONFIG_IP_NF_FILTER=y
11 CONFIG_IP_NF_NAT=y
12 CONFIG_IP_NF_NAT_NEEDED=y
13 CONFIG_IP_NF_TARGET_MASQUERADE=y
14 CONFIG_IP_NF_NAT_FTP=y
16 2) Run the enable_nat script on domain 0 startup. This will bind
17 169.254.1.0 to domain 0 and set up iptables for NAT. Make sure
18 that the real IP address for eth0 has been set before running the
19 script.
20 3) Give the other domains IP addresses in 169.254.0.0/16 and a default
21 gateway of 169.254.1.0.
22 4) It should now work. Domains 1 and higher should be able to make
23 outgoing connections through NAT. FTP active or passive should both
24 work thanks to FTP connection tracking