This patch has been running happily on my Lex Light with the Xen 2.0 release since
January 2005 with no troubles (at least no troubles related to Xen or
The networking setup is far from efficient, but gives full abstraction
of the firewall policy from "real"/physical network setup and a nice Xen
The machine serves as my local routing firewall, vpn-endpoint,
dns-server and apt-proxy (and more to come). All of these functions are
separated in different unprivileged domains, providing:
- the possibility to separate them easily into different machines later
- a stronger separation of the services than possible on one machine
without virtualisation (at the cost of more resources and some more
complexity), giving more security and reducing the risk of one service
monopolizing the CPU.
The firewall domain now controls 16 virtual interfaces, putting each
domain and physical server in its own DMZ:
- 1 internet connection (SDSL)
- 4 local other domains (including dom0)
- 6 Xen domains on a second machine (including dom0)
- 2 domains running on demand (local or remote)
- 3 more physical machines
The interface of dom0 can be shut down when no maintenance work has to be
- all five NICs of the machine (3 onboard, 2 USB) are connected to the
firewall domain via bridging (its own bridge and vif for each NIC).
- all local domains are bridged to separate firewall-vifs
- the domains from the second Xen server are bridged via VLANs and also
routed by the firewall domain with no direct connection to their dom0 or
One of the next steps is to add a file integrity assessment (host-based
IDS) running from dom0 or on the daily backup data and therefore fully
invisible to guest domains.
Thanks to the Xen team for great software and to Adam Sulmicki for his
patch allowing me to do all of the above with a fanless book-size PC.
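The point of the setup above is that the firewall policy is written against logical zones while every Xen vif and bridged NIC becomes its own DMZ. The following is an added example, not code from the original post or from the Xen project, showing how such a zone-to-interface mapping keeps the policy independent of the physical layout: rules are declared zone-to-zone, the interface names (`eth0`..`eth5.10`), zone names, ports and the allow list are all constructed for illustration, and everything not explicitly allowed is dropped, so a domain such as dom0 with no rules of its own is isolated by default.

```python
from __future__ import annotations

from dataclasses import dataclass

# Logical zone -> interface as seen inside the firewall domain.
# Each Xen vif and each bridged physical NIC is its own zone, so every
# domain sits in its own DMZ. All names here are constructed for the example.
ZONES: dict[str, str] = {
    "internet": "eth0",       # SDSL uplink NIC, bridged 1:1 to this vif
    "dom0": "eth1",           # dom0's interface, only up for maintenance
    "dns": "eth2",
    "vpn": "eth3",
    "aptproxy": "eth4",
    "web-remote": "eth5.10",  # domain on the second Xen server, via VLAN 10
}

ANY = "*"  # wildcard source: every zone except the destination


@dataclass(frozen=True)
class Rule:
    """One permitted flow, stated zone-to-zone (no interface names here)."""
    src: str
    dst: str
    proto: str = "any"      # "tcp", "udp" or "any"
    dport: int | None = None


# Constructed policy: an explicit allow list; everything else is dropped.
POLICY: list[Rule] = [
    Rule("dns", "internet", "udp", 53),
    Rule("dns", "internet", "tcp", 53),
    Rule(ANY, "dns", "udp", 53),           # every zone may query the resolver
    Rule("aptproxy", "internet", "tcp", 80),
    Rule(ANY, "aptproxy", "tcp", 3142),    # apt-proxy listening port (constructed)
    Rule("vpn", "internet", "udp", 500),
]


def _expand_src(zones: dict[str, str], rule: Rule) -> list[str]:
    """Resolve the ANY wildcard into concrete source zones."""
    if rule.src == ANY:
        return [z for z in zones if z != rule.dst]
    return [rule.src]


def validate(zones: dict[str, str], policy: list[Rule]) -> None:
    """Reject rules that mention a zone we have no interface for."""
    for r in policy:
        for z in (r.src, r.dst):
            if z != ANY and z not in zones:
                raise ValueError(f"rule {r} references unknown zone {z!r}")
        if r.dst == ANY:
            raise ValueError(f"rule {r}: wildcard destination is not allowed")


def render(zones: dict[str, str], policy: list[Rule], chain: str = "FORWARD") -> list[str]:
    """Translate the zone policy into iptables commands for the firewall domain."""
    validate(zones, policy)
    lines = [
        f"iptables -P {chain} DROP",  # default deny between all DMZs
        f"iptables -A {chain} -m state --state ESTABLISHED,RELATED -j ACCEPT",
    ]
    for r in policy:
        for s in _expand_src(zones, r):
            cmd = f"iptables -A {chain} -i {zones[s]} -o {zones[r.dst]}"
            if r.proto != "any":
                cmd += f" -p {r.proto}"
            if r.dport is not None:
                cmd += f" --dport {r.dport}"
            lines.append(cmd + " -j ACCEPT")
    return lines


def is_allowed(zones: dict[str, str], policy: list[Rule],
               src: str, dst: str, proto: str, dport: int) -> bool:
    """Answer 'would a new flow src->dst be accepted?' from the zone policy alone."""
    validate(zones, policy)
    if src not in zones or dst not in zones:
        raise ValueError("unknown zone")
    for r in policy:
        if (src in _expand_src(zones, r) and r.dst == dst
                and r.proto in ("any", proto) and r.dport in (None, dport)):
            return True
    return False


if __name__ == "__main__":
    print("\n".join(render(ZONES, POLICY)))
```

Moving a service to another vif, another VLAN or another physical box then only changes the `ZONES` table; the policy and the generated rule set stay the same, which is exactly the abstraction the post is after.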