Subject: NetBSD 4beta2 / Xen3.0.3 Networking (routed)
To: None <netbsd-users@netbsd.org>
From: Andrew Leach <imamushroom@gmail.com>
List: netbsd-users
Date: 02/21/2007 10:53:14
Hi,

I'm confused!

I'm trying to get a routed network up and running with xen but can't
find sufficient information on the internet about this particular
configuration as bridging seems to be far more popular (and I'm
beginning to understand why!). Can someone help?

The configuration that I'm trying to achieve is this:

wifi (ral0) with multiple external IP addresses (done, set up via
/etc/ifconfig.ral0 and /etc/ifaliases) on the physical machine where
each ip address will be mapped/routed directly to a particular
interface in a domU.

dom0 just uses one of the allocated addresses from the ral0 pool
(done, completed effectively by the above step)

domUs use an IP based on a different subnet of the existing network
(don't want to involve NAT at this point as that just overcomplicates
matters)

Because it's a wifi NIC I need to add MAC address filtering to the
firewall to prevent access from someone off the street. This will
be the dom0 firewall configuration.
Once the mac address filter has been passed, perform all the usual
IP/port filtering based on one of the addresses from the ral0 pool
(static) and the ip address given to the domU by xen on start-up.

The packets between these two points will be routed only.

I'm not interested (I don't think) in using the xen startup scripts
(network-script & vif-script) as I want a static point to point routed
network and I believe that all this can be achieved in the dom0
configuration.

I understand that when a domU starts it creates a vif based on the
information passed to it from the domU configuration. For that I'm
using something like:
vif = [ 'mac=aa:00:00:50:00:01, vifname=xvif0.0, ip=192.168.12.11, mac=aa:00:00:50:00:02, vifname=xvif0.1, ip=192.168.12.12' ]

I've tried vifname=vif*, xennet* etc. but nothing seems to work.

When I try to create these interfaces in the dom0 I get device not
configured and the resulting 'hotplug failed messages' on 'xm create'
are a result of xen not being able to associate a virtual interface in
the DomU (vif) with a virtual interface in the dom0 (?). Once this has
been completed it should be a simple matter of setting up the routing
(to do).

Do I need to add them to the kernel config and recompile?

So, what don't I understand/know?
I don't understand what device to configure in the dom0 environment
(vif, xvif, xennet etc.)
I don't know whether I need to add an IP address to this device once configured.
I don't know if what I'm doing will work in practice

Here are the relevant config files:
domU config (stripped of noise):
  kernel = "/usr/pkg/etc/xen/kernels/vmlinuz-2.6.16.29-xen"
  memory = 128
  name = "dmz"
  vif = [ 'mac=aa:00:00:50:00:01, vifname=xvif0, ip=192.168.12.11, mac=aa:00:00:50:00:02, vifname=xvif0, ip=192.168.12.12' ]
  disk = [ 'file:/srv/xenU/debian31/debian31-hda1.img,hda1,w' ]
  disk = [ 'file:/srv/xenU/debian31/debian31-hda2.swp,hda2,w' ]
  root = "/dev/hda1"
  autorestart = True
  on_poweroff = 'destroy'
  on_reboot   = 'restart'
  on_crash    = 'restart'

xend-config.sxp (stripped of noise):
(logfile /var/log/xen/xend.log)
(xend-relocation-server yes)
(xend-relocation-hosts-allow '^localhost$ ^localhost\\.localdomain$')
(dom0-min-mem 64)
(dom0-cpus 0)

Any ideas? Has anyone got something similar working and willing to
share their configs/explain how they've done it?

TIA.

Regards,
Andrew