Xen “host-only” networking

Xen has a very flexible network configuration system, but getting what you want out of it can take a fair amount of Linux networking-fu and some time poking around in the Xen network scripts. Today I’m going to show you how to set up “host only” networking in Xen, similar to that available in VMware, with minimal knowledge and effort.

Host only networking provides network connectivity among Xen guests (domU) while preventing access to the physical network and the Xen host (dom0). Let’s jump right into the meat of the HOWTO.

To set up host-only networking, do the following:

  1. Copy my network-hostonly script to /etc/xen/scripts.
  2. Set execute bit on /etc/xen/scripts/network-hostonly
  3. In /etc/xen/xend-config.sxp change “(network-script network-xxx)” to “(network-script network-hostonly)”
  4. In /etc/xen/xend-config.sxp change “(vif-script vif-xxx)” to “(vif-script vif-bridge)”
  5. Reboot your dom0 (restarting Xen *may* be sufficient)

.

This can be accomplished by running the following (as root):

wget -o /etc/xen/scripts/network-hostonly \
    http://blog.rabidgeek.com/wp-content/uploads/2008/07/network-hostonly
chmod +x /etc/xen/scripts/network-hostonly
sed -i 's/^\(network-script /\(network-script network-hostonly\)/' \
    /etc/xen/xend-config.sxp
sed -i 's/^\(vif-script /\(vif-script vif-bridge\)/' \
    /etc/xen/xend-config.sxp
reboot

To give a little bit of background, the network-hostonly script is a derivative of the network-bridge script that is distributed with Xen. The primary difference is that the hostonly script does not add your physical network interface to the Xen bridge, leaving only the virtual interfaces which are used by domU hosts. Your physical network interface (and by proxy, the physical network) is left completely untouched.

-P