The default configuration one would use would result in 2 IP's being assigned to the Xen host.
Lets say I have a default IP of 188.8.131.52 on the main box, and the ISP has issued me 184.108.40.206/29, leaving me with 220.127.116.11-29 as usable IP's. One of the /29 range has to be applied to the base box to serve as a gateway, meaning that one IP is wasted (or you could say even 2 are wasted if you include the 18.104.22.168 address).
I didn't want to loose these 2 valuable IP's, so I used iptables with SNAT/DNAT to make use of all the assigned IP's.
The first steps were simple when I found this page: http://grml.org/xen/, so the bulk of the following code is copied from there.
Using a debian system, I entered the following extra config into my
/etc/network/interfacesto make the Xen host listen to my public IP's and perform DNAT/SNAT to private IP addresses.
iface xenintbr inet static
pre-up brctl addbr xenintbr
post-down brctl delbr xenintbr
iface eth0:25 inet static
post-up iptables -t nat -A POSTROUTING -o eth0 -s 10.1.1.25 -j SNAT --to 22.214.171.124
post-up iptables -t nat -A PREROUTING -d 126.96.36.199 -j DNAT --to-destination 10.1.1.25
Next make xend set up the bridge correctly in
/etc/xen/xend-config.sxp. This tells xend to set up the bridge between the guest and the bridge setup above, but instead of using the default network-bridge, we simply do routing, and let the iptables rules above perform the routing to the outside world.
And in the guest machine configure the network on the private subnet.
iface eth0 inet static
You can check the status of the iptables rules with:
iptables -L -vn
iptables -t nat -L -vn