How to use XenServer 7 Single-Server Private Network?
Good afternoon!
There is a pool in which there is only one host so far. There are 3 virtual machines running on the host. Each virtual machine has a public IP and, accordingly, access to the Internet.
To make things clearer, I'll state the purpose of all these manipulations right away. On one VM I want to run a database server, and the others should have access to it. As far as I understand, connecting them via public IP is not a great idea? (response + security). Correct me if I'm wrong, as I'm not very good at networking. Or will the traffic between the VMs still not go outside this host?
I decided to set up a private network between them. XenServer has a Single-Server Private Network for this case. I added a network and created a virtual interface for each virtual machine. Now I don't quite understand what to do next. Add IPs to each interface? On the Citrix forum, they assure me that this is not necessary and that I can connect from one VM to another by hostname. I tried, but nothing happened (although I didn't have any special expectations of what would happen). Here is my post with the same question on the Citrix forum https://discussions.citrix.com/topic/379128-single...
In general, I get two questions:
1. Is it possible to connect to the database through a public IP?
2. How do I actually use a XenServer single-server private network?
Thanks in advance for any help!
Sorry, but first a bit of basic education is in order.
What does creating another network within the host mean (whether public or private or distributed between several hosts)? It means the same thing as if you took a simple switch with several ports and connected ordinary system units to it with patch cords. How should such a network work without IP? No way. In your case, this switch is emulated in software, but for the operating system of the virtual machine there is just a network card. You can send some traffic to it, but without IP, the protocols of the TCP family and everything higher in the stack that is based on them will not work. Exception: the case with IPv6 enabled, since link-local (LL) addresses are brought up automatically there, and with them the ability to establish TCP sessions between two hosts within the same broadcast domain.
Once again, the same thing:
1. Create a network. Private or VLAN over an existing interface, it doesn't matter.
2. Add an interface for the VM, the network for which will be what you created in step 1.
3. The created interface needs to be configured in the OS.
4. If there is no router in this network, then it will remain local for these VMs and traffic will not go out of this network.
IMHO, these are all basic things; I think it was virtualization that confused you. Just understand how it works and the rest is easy.
Of course, I don't know English well, but I can't find a direct indication on the Citrix forum that you should remove the IP address from the interface and connect by hostname. If your interfaces work using the TCP/IP protocol, how should they work without IP? https://ru.wikipedia.org/wiki/TCP/IP
1) I don't think that the connection to the database should be made through public addresses, although in principle it can be cut with a firewall;
2) create a network, create interfaces on the virtual machines, indicate that they are attached to your private network, and in the interface settings on the virtual machines specify an IP address from your private network, for example, network 192.168.100.0/24. You can bring up a DHCP server in it if it will be big.
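One way to check the result the answers above aim for, namely that the database is reachable only over the private network, shown as an added example that is not part of the original thread. It assumes the 192.168.100.0/24 range suggested above; the `ss -ltnH` lines, addresses and ports are constructed samples.

```python
import ipaddress

# Assumption: the private range suggested in the answer above.
PRIVATE_NET = ipaddress.ip_network("192.168.100.0/24")

# Constructed sample of `ss -ltnH` output from the database VM (not real data).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 151 192.168.100.10:3306 0.0.0.0:*
LISTEN 0 151 203.0.113.7:3306 0.0.0.0:*
LISTEN 0 244 *:5432 *:*
LISTEN 0 244 [::]:5432 [::]:*
LISTEN 0 128 [fe80::1%eth1]:6379 [::]:*
LISTEN 0 128 127.0.0.1:6379 0.0.0.0:*
"""

def split_local(field):
    """Split the Local Address:Port column into (address, port)."""
    addr, _, port = field.rpartition(":")
    return addr.strip("[]"), int(port)

def exposure(addr):
    """Classify a bind address relative to the private network."""
    if addr in ("*", "0.0.0.0", "::"):
        return "wildcard"  # reachable on every interface, the public one included
    ip = ipaddress.ip_address(addr.split("%")[0])  # drop the %iface scope id
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.version == 4 and ip in PRIVATE_NET:
        return "private"
    return "other"

def exposed_listeners(ss_output, db_ports):
    """Return (address, port, class) for DB listeners not confined to the private net."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        addr, port = split_local(cols[3])
        kind = exposure(addr)
        if port in db_ports and kind in ("wildcard", "other"):
            findings.append((addr, port, kind))
    return findings

if __name__ == "__main__":
    for addr, port, kind in exposed_listeners(SAMPLE_SS, {3306, 5432, 6379}):
        print(f"{addr}:{port} is bound {kind}; bind it to an address in {PRIVATE_NET}")
```

Listeners on a wildcard address or on an address outside the private range are the ones to rebind or firewall.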
When a network is created in XenServer, a virtual switch is actually created. If you bind it to a hardware port, you are practically making a bridge to the external network. Since this is a switch, traffic between virtual machines (in theory) is localized in this switch and does not go outside.
When you create a Single-server private Network, you create another exactly the same switch, just do not release it to the outside. Otherwise, there is practically no difference. Including performance. Here's what I measured with netperf:
The network 10.* is virtual, 192.* is with access to the outside. Servers test-server and *.5 have 2 network interfaces; respectively, the measurement results show the performance of both networks. mainframe is a workstation connected via a gigabit network to a SOHO switch.
Thanks for both answers.
It was not virtualization that confused me, but the option itself in XenCenter, the Single-Server Private Network, which seems to work out of the box so that you don't need to configure anything by hand. The guy's answers on the Citrix forum also confused me. In general, I never received an answer on how to create a private network using native XenServer tools and what the words "You should be able to access all VMs within that network automatically -- the IP addresses from what I recall are hidden." mean.
UPD: I did everything by hand, everything works.