IPFire as Xen (4.1) DomU

This is an old revision of the document!

The following procedure is inspired by this article on the IPFire Wiki, this article being a summary of the previous one as well as this article on the Panticz web site.
The directories locations that are used in this example are based on this wiki's Sample Configuration, but YMMV.
You should also read the README file, inside the ipfire/ directory that's extracted from the archive.

In case you didn't do so already, it is also recommended that you get at least the base concepts that IPFire relies on by ready through their website, you should, at the minimum, grasp the "colored" concept of the IPFire firewalling.

Also read this IPFire article to understand why it's recommended to install IPFire as a HVM.

Setting up a firewall implies having at least 2 physical NICs on the host machine.

Get the IPFire image

Getting to the IPFire download page didn't provide us the link to the latest “scon” release… Let's have a look at the IPFire torrent tracker: BINGO ! we have a torrent for ipfire-2.17.1gb-ext4-scon.i586-full-core87.img.gz

Now use your favorite torrent app to download to the compressed image to your workstation, and transfer the image on your Xen Host.

> cd /directory/of/image/dowload/
> sftp root@<your_xen_host_ip>
sftp> cd /opt/xen/X-Local-ISO
sftp> put ipfire-2.17.1gb-ext4-scon.i586-full-core87.img.gz

Create the IPFire Virtual Hard Disk

Follow the procedure described in this wiki to create a dedicated VDI for the IPFire VM. But DO NOT PLUG THE VBD YET, as we'll first copy the IPFire image disk to it.

Copy the IPFire image to the vhd file

The IPFire image contains the partitions that are needed by the IPFire VM we intend to create, you could verify this by unzipping it and examine it with kpartx:

> gunzip /opt/xen/X-Local-ISO/ipfire-2.17.1gb-ext4-scon.i586-full-core87.img
> kpartx -l /opt/xen/X-Local-ISO/ipfire-2.17.1gb-ext4-scon.i586-full-core87.img 
loop0p1 : 0 122880 /dev/loop0 8192
loop0p3 : 0 1536000 /dev/loop0 131072
loop deleted : /dev/loop0

Let's copy the image to our vhd file:

> cat /opt/xen/X-Local-ISO/ipfire-2.17.1gb-ext4-scon.i586-full-core87.img > /run/sr-mount/26b9d87b-f344-1c8d-c5c5-a155d4e4e2e0/72e00fc6-98bb-48fe-ab4d-b52d1ef721b5.vhd

Using zcat, the image doesn't even need to be unzipped before the copy:

> zcat /opt/xen/X-Local-ISO/ipfire-2.17.1gb-ext4-scon.i586-full-core87.img.gz > /run/sr-mount/26b9d87b-f344-1c8d-c5c5-a155d4e4e2e0/72e00fc6-98bb-48fe-ab4d-b52d1ef721b5.vhd

We can verify that our vhd file now contains 2 partitions:

> kpartx -l /run/sr-mount/26b9d87b-f344-1c8d-c5c5-a155d4e4e2e0/72e00fc6-98bb-48fe-ab4d-b52d1ef721b5.vhd 
loop0p1 : 0 122880 /dev/loop0 8192
loop0p3 : 0 1536000 /dev/loop0 131072
loop deleted : /dev/loop0

STOP

See deprecated method

Go to the IPFire download page and get the link to latest Xen-Image, as of this writing (2015-03-07) that is http://mirrors-uk.go-parts.com/ipfire/releases/ipfire-2.x/2.17-core87/ipfire-2.17.xen.i586-downloader-core87.tar.bz2.
The download link will get you install scripts that you'll need to run in order to download and build the IPFire xen-images. You'll need to be root to do this.

> ssh root@<your.xen.host.ip>
> cd /opt/xen/X-Local-XVA
> wget http://downloads.ipfire.org/releases/ipfire-2.x/2.17-core87/ipfire-2.17.xen.i586-downloader-core87.tar.bz2
> tar -xjf ipfire-2.17.xen.i586-downloader-core87.tar.bz2

IPFire as Xen (4.1) DomU

Introduction

Network

Using the scon Image of IPFire

Get the IPFire image

Create the IPFire Virtual Hard Disk

Copy the IPFire image to the vhd file

STOP

Extract the IPFire Installer Script