Ken Bass wrote on Mon, 28 Apr 2008 20:55:13 -0400: > Hmm. I dont have a separate gateway in that net. 192.168.144.5 is the > gateway for everything. But each of my ip addresses are actual real DNS > entries so packets originating from them should come from them. Ok, public routable addresses. I'm not a network expert, but I don't see how these public addresses can be used if the gateway doesn't have an IP number from each of those subnets. No matter if physical machines or virtual machines are involved. (I used > 192.168 as a private example, but my actual addresses are real). And > shouldn't the installer just setup a default route to the dom0 that is > installing via its eth0? No, you do not need a route there at all. Your Dom0 doesn't even need to have an IP number and your Dom0 and DomU's don't need to have IP numbers from the same net. In this regard DomU's are very much like independant physical PCs. At least if you use the standard bridging that comes with Xen. > Also my ip ranges, being > real, are very limited so I don't have a 'pool' of ip addresses to > create dummy gateways on each subnet. AFAIK, your peripheral router needs one IP number from each subnet (or you need to have some other device play that role in your network and route to the router, whatever you do, it won't spare you an IP number). If you have the impression that you need an additional IP number from that subnet on the Dom0 for routing to/from the DomU and you do not want to "waste" that IP - that is not the case! (with bridging at least - if you do routing, I assume you may need that, so, with routed networking you actually need more IP numbers, I guess). I think if your question actually revolves around "how to use as few IP addresses as necessary and have them all publically routed" this is actually not xen/vm-related at all, so you may get more answers on the main centos list. And, *do* you need to have all these machines in public subnets? For instance, I also have a public subnet for my office here and I've been using that for several years, all machines had public addresses. Recently, I wanted to free up some net space for new machines that need to be public. So, I moved all the workstations that need to have internet access, but not serve anything to a private subnet and added NAT routing on the gateway. Some PCs are now on the public subnet and some are private, and all have internet access over the same router. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com