Subject: A Xen configuration
To: None <>
From: Julio M. Merino Vidal <>
List: netbsd-users
Date: 09/08/2005 14:52:22
Hi all,

[ please CC me any replies ]

I've just upgraded my home server's hardware to a Pentium III
450Mhz and 512MB of memory.  I'm planning to set up a KDC
(and possibly a PDC for the Windows machines) but, as you
know, these services should be as isolated as possible to
avoid compromising the whole network in case of attach to
other services (web, etc.).  I can't afford keeping more machines
running, so maybe Xen is a good idea in this scenario.

Basically, what I have in mind is the following:
- Have a domain 0 that does firewalling and nat between the
  Internet and my home network.  This also bridges between the
  subdomains and the home network.
- Have a subdomain that runs the KDC and related authentication
- Have a subdomain that runs any other servers, such as thttpd,
  monotone, ssh, ntp and bind.

Do you think setting this up is worth the effort (WRT security) or
should I just go and run everything as usual, in a single system?
Will the machine be powerful enough to handle this?  (I'd expect
it to need more memory.)


Julio M. Merino Vidal <>
The NetBSD Project -