diff --git a/docs/XenMyWay-Routed.xml b/docs/XenMyWay-Routed.xml
index 1a33290ee..9cd22a328 100644
--- a/docs/XenMyWay-Routed.xml
+++ b/docs/XenMyWay-Routed.xml
@@ -130,7 +130,7 @@
- There are Two Xen domains.
+ There are three Xen domains.
@@ -143,9 +143,15 @@
- The DomU (Domain name lists,
- DNS name lists.shorewall.net) is used
- as a public Web/FTP/Mail/DNS server.
+ A DomU (Domain name lists, DNS
+ name lists.shorewall.net) that is
+ used as a public Web/FTP/Mail/DNS server.
+
+
+
+ A DomU (Domain name test, DNS
+ name test.shorewall.net) that I use
+ for Shorewall testing.
@@ -245,6 +251,27 @@ gateway:~ #
address.
+ /etc/xen/auto/02-test — configuration file
+ for the test domain.
+
+
+ disk = [ 'phy:/dev/hdb4,hda,w', 'phy:/dev/hda,hdb,r' ]
+memory = 512
+vcpus = 1
+builder = 'linux'
+name = 'test'
+vif = [ 'mac=00:16:3e:83:ad:28, ip=192.168.1.7, vifname=eth4' ]
+localtime = 0
+on_poweroff = 'destroy'
+on_reboot = 'restart'
+on_crash = 'restart'
+extra = ' TERM=xterm'
+bootloader = '/usr/lib/xen/boot/domUloader.py'
+bootentry = 'hda2:/boot/vmlinuz-xen,/boot/initrd-xen'
+
+
+
Excerpt from
/etc/xen/xend-config.sxp:
…
@@ -279,33 +306,6 @@ gateway:~ #
work.
-
-
- I have been asked a couple of times "How would I add another
- domU to the DMZ?" Here is a sample config file to add a second domU
- named "server", boot device /dev/sda10 and IP
- address 206.124.146.179:
-
- disk = [ 'phy:/dev/sda10,hda,w', 'phy:/dev/hda,hdb,r' ]
-memory = 512
-vcpus = 1
-builder = 'linux'
-name = 'server'
-vif = [ 'mac=aa:cc:00:00:00:02, ip=206.124.146.179, vifname=eth4' ]
-localtime = 0
-on_poweroff = 'destroy'
-on_reboot = 'restart'
-on_crash = 'restart'
-extra = ' TERM=xterm'
-bootloader = '/usr/lib/xen/boot/domUloader.py'
-bootentry = 'hda2:/boot/vmlinuz-xen,/boot/initrd-xen'
-
- Note that this domU has its own vif named eth4.
-
- The Shorewall configuration would need to be adjusted
- accordingly.
-
With both Xen domains up and running, the system looks as shown in
@@ -324,9 +324,9 @@ bootentry = 'hda2:/boot/vmlinuz-xen,/boot/initrd-xen'
showed that UDP packets from the lists DomU had incorrect checksums. That
problem was corrected by arranging for the following command to be
- executed in the lists domain when its
- eth0 device was brought
- up:
+ executed in the lists and test domains when the eth0 device was brought up:
ethtool -K eth0 tx off
@@ -487,6 +487,7 @@ INT_IF=br0
DMZ_IF=eth3
EXT_IF=eth0
WIFI_IF=eth2
+TEST_IF=eth4
OMAK=<IP address at our second home>
@@ -502,6 +503,7 @@ OMAK=<IP address at our second home>
net $EXT_IF 206.124.146.255 dhcp,norfc1918,logmartians,blacklist,tcpflags,nosmurfs
dmz $DMZ_IF 192.168.0.255 logmartians
loc $INT_IF 192.168.1.255 dhcp,routeback,logmartians
+loc $TEST_IF -
wifi $WIFI_IF 192.168.3.255 dhcp,maclist
vpn tun+ -
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
@@ -531,6 +533,7 @@ $EXT_IF 192.168.0.0/22 206.124.146.179
#ADDRESS INTERFACE EXTERNAL HAVEROUTE PERSISTENT
192.168.1.1 $EXT_IF $INT_IF yes
206.124.146.177 $DMZ_IF $EXT_IF yes
+192.168.1.7 $TEST_IF $INT_IF yes
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
/etc/shorewall/tunnels: