Notes from day-to-day work on system operations, virtualization and cloud computing, databases, network security and related topics.

How to Create a Completely Separate Network Inside XenServer

Document ID: CTX116456   /   Created On: 2008-5-7   /   Updated On: 2009-10-19

Summary

This document describes how to create a separate network inside XenServer. Such a network is useful for testing because it sits behind network address translation (NAT) and is completely separate from other networks. For example, you can build a full Active Directory implementation that includes its own DHCP server, and that DHCP server will not interfere with DHCP servers on other networks connected to the XenServer.

This implementation was tested on XenServer 4.x and does not include a firewall configuration.

Requirements

Linux Templates installed
Knowledge of Nano or Vi text editor (this article uses the Nano editor for simplicity)
Basic Linux knowledge
Basic IP and network understanding
Basic XenServer administration skills

Procedure

Task summary

1. Create a new network in XenCenter

2. Install a router (Debian Etch)

• Attach the newly created Testing Network in XenCenter

3. Configure the router (Debian Etch)

• Configure network interfaces

• Disable IP Forwarding

• Configure Network Address Translation (NAT) or Port Address Translation (PAT)

• Restart

4. Install additional Virtual Machines (VMs) on this network

• Delete all networks

• Add a Testing Network

Detailed procedure:

1. Create a new network.

a. Select your Pool and select the Network tab. Click Add to add a new network.

b. Select External Network and click Next.

c. Enter a name and description for the new network. This can be anything and it can be changed any time later. Click Next.

d. Select a physical network interface and assign a VLAN number. Leave the check box unselected.

e. Click Finish to complete the Network Wizard.

f. Verify that your network appears in the list of networks.

2. Install the Router (VM with Debian Etch).

a. Create a new VM by clicking the New VM button. Select the Debian Etch 4.0 template and click Next.

b. Enter a name and description for the new VM. This can be anything and it can be changed any time later. Click Next.

c. Select the VM’s home server. If you install the VM on Network File System (NFS) or iSCSI storage, you may choose automatic selection. If you install the VM on local storage, you must choose a particular server (Xen Host Server).

d. Set the number of CPUs and the initial memory accordingly.

e. Confirm or adjust virtual disks. The selection will depend on the storage type and location.

f. Add the newly created network (TestNet) and verify that you have both networks installed on this VM. Network 0 was assigned automatically.

g. Click on Finish to complete the wizard.

h. Log on to the new VM (debian-router) that appears in your list and complete the initial configuration when started.

Enter a new password for the root user.

Enter a new password for Virtual Network Computing (VNC).

Enter the hostname: debian-router (you may enter any hostname you like).

3. Configure the router (debian-router).

Note: All work is done in the Command Line Interface (CLI) of the VM (debian-router).

a. Log on to the debian-router with root credentials.

b. Configure network interfaces by editing the /etc/network/interfaces file to adjust the configuration of your interfaces.

i. At the command line issue the following command:

nano /etc/network/interfaces

Note: The content of the file should look similar to the screen below. Your IP address may differ.

ii. Modify the file accordingly

iii. Press CTRL+O to save the changes.

iv. Press CTRL+X to exit Nano.

c. Configure IP Forwarding.

i. Type the following at the command line to edit file /etc/sysctl.conf:

nano /etc/sysctl.conf

ii. Uncomment the following line and disable packet forwarding for IPv4:

#net.ipv4.conf.default.forwarding=1

Change to

net.ipv4.conf.default.forwarding=0

iii. Press CTRL+O to save the changes.

iv. Press CTRL+X to exit Nano.

d. Configure NAT (PAT).

i. Create a new /etc/iptables.conf file and edit the file according to the screenshot below.

# nano /etc/iptables.conf

ii. Press CTRL+O to save the changes.

iii. Press CTRL+X to exit Nano.

f. Type the following at the command line to set permissions on the file:

# chmod 744 /etc/iptables.conf

g. To start NAT on start-up, edit the file /etc/rc.local by typing the following command:

# nano /etc/rc.local

i. Add the following line to the file as shown in the screen shot below:

/etc/iptables.conf

ii. Press CTRL+O to save the changes.

iii. Press CTRL+X to exit Nano.

iv. Restart the host by typing the following command:

# reboot

h. Type the following command to check the network and verify that your display has three interfaces (eth0, eth1, lo):

# ifconfig

4. Install other machines on the Testing Network. Make sure that you change the network to TestNet for every machine that should be on the Testing Network.
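
The NAT rules in step 3d survive only as a screenshot reference, and the article states that no firewall configuration is included, so it is worth checking what the router actually forwards. The following is an added example, not part of the original article: a POSIX shell check over iptables-save output, assuming eth0 is the router's uplink and eth1 is TestNet; both sample dumps are constructed.

```shell
#!/bin/sh
# Added example, not from the article. Assumed: eth0 is the router's uplink.

# audit_nat EXT_IF: reads an iptables-save dump on stdin, prints findings,
# and returns 0 only if the dump passes every check.
audit_nat() {
    ext=$1; rc=0; dump=$(cat)
    # 1. TestNet traffic must be source-translated when it leaves the uplink.
    printf '%s\n' "$dump" |
        grep -Eq -- "^-A POSTROUTING .*-o $ext .*-j (MASQUERADE|SNAT)" ||
        { echo "FAIL: no MASQUERADE/SNAT rule on $ext"; rc=1; }
    # 2. Without default-deny, any unmatched packet is routed between networks.
    printf '%s\n' "$dump" | grep -q -- "^:FORWARD DROP" ||
        { echo "FAIL: FORWARD policy is not DROP"; rc=1; }
    # 3. Packets arriving on the uplink may only be replies to TestNet flows.
    if printf '%s\n' "$dump" | grep -E -- "^-A FORWARD .*-i $ext .*-j ACCEPT" |
       grep -Evq -- "--(state|ctstate) (RELATED,ESTABLISHED|ESTABLISHED,RELATED)"
    then echo "FAIL: unsolicited traffic from $ext is forwarded"; rc=1; fi
    # 4. A DNAT (port forward) rule publishes a TestNet host to the outside.
    if printf '%s\n' "$dump" | grep -q -- "-j DNAT"
    then echo "FAIL: DNAT rule exposes a TestNet host"; rc=1; fi
    return $rc
}

# Constructed iptables-save dumps (sample data, not captured from a real host).
good_dump() { cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}
# Same router with FORWARD left at ACCEPT and no connection-state filter.
weak_dump() { good_dump | sed -e 's/^:FORWARD DROP/:FORWARD ACCEPT/' \
                              -e 's/ -m state --state RELATED,ESTABLISHED//'; }

good_dump | audit_nat eth0 && echo "good dump: clean"
weak_dump | audit_nat eth0 || echo "weak dump: findings listed above"
```

On the router itself the same function can be fed live rules with: iptables-save | audit_nat eth0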

More Information

Domain Name Service (DNS) Resolution on a Debian-router

To configure DNS resolution on the router, use the following procedure.

1. Type the following command to edit the file /etc/resolv.conf:

# nano /etc/resolv.conf

2. Delete all of its content and add one or more lines of the following form, each with a name server’s IP address:

nameserver  xxx.xxx.xxx.xxx
nameserver  xxx.xxx.xxx.xxx

3. Press CTRL+O to save the changes.

4. Press CTRL+X to exit Nano.

For details on XenServer installation and configuration refer to the following documentation:

XenServer 4.1

CTX116769 - XenServer Administrator's Guide
CTX116768 - XenServer Installation Guide
CTX116770 - XenServer Virtual Machine Installation Guide

XenServer 4.0

CTX115643 - XenServer Administrator Guide Version 4.0.1
CTX115641 - XenServer Installation Guide Version 4.0.1
CTX115642 - XenServer Virtual Machine Installation Guide Version 4.0.1

