[CentOS-virt] Question - Xen host, DHCPD and guest VMs

Fri Nov 6 17:21:34 UTC 2009
Ben M. <centos at rivint.com>

In both my office and home network I DHCP off of the perimeter 
router/firewalls. Works fine. More than one DHCP server on a network is 
always problematic. On my office network, once I have the lease on a 
device, I can force its MAC address to an IP address, in effect creating 
a static IP without touching the guest's NIC setup and not having to 
worry about future DNS server, routing, or gateway changes setups on 
guests and other DHCP clients.

Scot P. Floess wrote:
> So, to be honest this is running on my home network ;)  I'm not too 
> worried about security - there is nothing sensitive on my network as is :)
> 
> Interesting, I never considered running a guest VM and it serving up dhcp 
> addresses :D
> 
> So, one thing about my home network is my machines don't all have much 
> RAM.  This particular machine has 1 GB and is my "administrative" 
> server - DNS, NIS, NFS, etc...  I slivered off a small VM for a postgres 
> DB and like it to start up when the machine boots.  I do sometimes bring 
> that down and bring up another VM...
> 
> I definitely understand what you mean though - but this isn't mission 
> critical or anything so I don't mind it doing what it's doing - it works 
> fine to date by bouncing dhcpd - but I hate that ;)  I may try to get my 
> cable modem-router to serve up dhcp - but I don't think it'll let me do 
> ddns internally (that's another thing I am doing inside my network)...
> 
> On Fri, 6 Nov 2009, Christopher G. Stach II wrote:
> 
>> ----- "Scot P. Floess" <sfloess at nc.rr.com> wrote:
>>
>>> Anybody know what I need to do :)  I've been bouncing dhcpd in
>>> /etc/rc.local and starting any VMs there.  Although annoying, I'd rather
>>> do it "right" so I can auto start my Xen guests...
>> If you want to do it correctly, don't run dhcpd in domain 0. :) You're exposing your host to traffic that it doesn't need to deal with, which can be bad for performance and is bad for security. You're also putting one extra service there that isn't solely related to keeping the ground beneath the guests, the only thing domain 0 should be doing. Start a guest to run dhcpd in auto and name the sym link in auto something like "00-guestname" so it runs before the other guests. If you have two or more physical hosts and you run ISC dhcpd, run another one of these guests as a dhcp failover peer on another host.
>>
>> -- 
>> Christopher G. Stach II
>>
>>
>> _______________________________________________
>> CentOS-virt mailing list
>> CentOS-virt at centos.org
>> http://lists.centos.org/mailman/listinfo/centos-virt
>>
> 
> Scot P. Floess
> 27 Lake Royale
> Louisburg, NC  27549
> 
> 252-478-8087 (Home)
> 919-890-8117 (Work)
> 
> Chief Architect JPlate   http://sourceforge.net/projects/jplate
> Chief Architect JavaPIM  http://sourceforge.net/projects/javapim
> 
> Architect Keros          http://sourceforge.net/projects/keros
>
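
The auto-start ordering suggested in the quoted reply (a "00-guestname" symlink in Xen's auto directory so the dhcpd guest starts before the others), as an added example that is not part of the thread. It assumes the directory is /etc/xen/auto on a real host and that entries are started in sorted glob order; the guest names and config paths are hypothetical.

```shell
#!/bin/sh
# Added example. Assumptions (not from the thread): on a real host the auto
# directory is /etc/xen/auto and its entries are started in shell-glob
# (sorted) order. Guest names and config paths below are hypothetical.

# Print the entries of an auto directory in the order a glob expands them.
start_order() {  # start_order <auto_dir>
    for f in "$1"/*; do
        if [ -e "$f" ] || [ -L "$f" ]; then
            printf '%s\n' "${f##*/}"
        fi
    done
}

# Link a guest config as "00-<guest>" and drop any other link to the same
# config, so the guest is not listed (and started) twice.
link_first() {   # link_first <auto_dir> <config_path> <guest_name>
    for f in "$1"/*; do
        if [ -L "$f" ] && [ "$(readlink "$f")" = "$2" ]; then
            rm -f "$f"
        fi
    done
    ln -s "$2" "$1/00-$3"
}

# Succeed only if "00-<guest>" is the first entry that would be started.
starts_first() { # starts_first <auto_dir> <guest_name>
    [ "$(start_order "$1" | head -n 1)" = "00-$2" ]
}

# Constructed demo in a scratch directory; run with: sh script.sh demo
demo() {
    d=$(mktemp -d) && mkdir "$d/auto" || return 1
    for g in db netsvc web; do
        : > "$d/$g.cfg"
        ln -s "$d/$g.cfg" "$d/auto/$g"
    done
    link_first "$d/auto" "$d/netsvc.cfg" netsvc   # netsvc = the dhcpd guest
    start_order "$d/auto"
    if starts_first "$d/auto" netsvc; then echo "dhcpd guest starts first"; fi
    rm -rf "$d"
}
if [ "${1:-}" = demo ]; then demo; fi
```

Running `starts_first` after any change to the auto directory catches a newly added guest whose name sorts ahead of the dhcpd guest.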