Hi all,
found a working solution even it’s not 100% ideal.
Just summarizing it here for other users still working with Xen to have some information about it.
Problem:
QEMU, at least 4.2 and 5.0 doesn’t allow to attach more than one bridge to a fully virtualized DomU (HVM). Paravirtualizing IPfire isn’t an option either since it’s not supported anymore.
Solution:
Xen since version 4.10 does support PVHv2 as some kind of lightweight HVM without the necessity of invoking QEMU at all. Luckily IPfire does support this kind of virtualization.
Downside of this PVHv2 setup is that pci-passthrough isn’t working even with the most recent version of Xen (4.14) and therefore no NIC can be exclusively assigned to IPfire.
Keeping this in mind the setup will be:
- Install IPfire from the ISO as HVM DomU assigning only one bridge to it
- Shutdown the IPfire DomU and make the following changes to the config file
type=‘pvh’ instead of type=‘hvm’
bootloader=‘pygrub’
attach additional bridges for red, blue and orange as desired - Start the IPfire DomU with this modified config file
- Connect to the IPfire DomU and run the normal setup procedure
I have this setup working on an ubuntu 20.04 server with Xen as shipped with this distribution.
Once Xen supports pci-passthrough on PVHv2 (it’s on their road map) bridges can be replaced by NICs again.
Hope that this is somehow helpful for one or another.
Best, Oliver