Is it possible to run a full router on Xen's dom0 between a real (physical) LAN and the Internet, with occasional domUs booting up as I need them?
What problems should I be aware of?
Any particular tips?
Is there any big performance hit if the processor doesn't support hardware virtualization? (Just for the dom0, not for domUs, which won't stay up for long anyway.)
I want to have it "just in case". I know I will need the virtual instances, and when I need them, I want to create them as hassle-free as possible, without having to reboot the router every time.
The best practice is to have a hypervisor be just a hypervisor, but I don't see any problems turning it into the router.
But I would recommend setting up a virtual router in a DomU; with paravirtualization you shouldn't face any serious performance problems, especially when you switch at some point to VT-x + VT-d and are able to pass through a physical network card into a guest.
We have such virtual routers in production, running RouterOS on a single Xeon core (even without direct access to the card) and routing 700-800 Mbit IPSec without any problems.
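
An added example, not part of the answer above: a small shell check that reads `xl info` output and reports which of the setups discussed here the host can support, based on the `virt_caps` line (`hvm` means hardware virtualization is available, `hvm_directio` means the IOMMU is active so a NIC can be passed through). The function name `router_placement` and the three sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Classify a Xen host from `xl info` output read on stdin.
# On a real dom0:  xl info | router_placement

router_placement() {
    # Extract the capability words from the "virt_caps : ..." line.
    caps=$(sed -n 's/^virt_caps[[:space:]]*:[[:space:]]*//p')
    case " $caps " in
        # VT-x + VT-d (or AMD equivalents) active: the physical NIC can be
        # handed to the router domU, keeping its driver out of dom0.
        *" hvm_directio "*) echo "passthrough" ;;
        # Hardware virtualization but no active IOMMU: the router domU
        # gets a paravirtualized interface bridged by dom0.
        *" hvm "*)          echo "hvm-no-iommu" ;;
        # No hardware virtualization: paravirtualized guests only.
        *)                  echo "pv-only" ;;
    esac
}

# Constructed `xl info` excerpts (not captured from a real host).
SAMPLE_VTD='host                   : router
xen_major              : 4
virt_caps              : hvm hvm_directio
total_memory           : 8192'

SAMPLE_VTX='host                   : router
virt_caps              : hvm
total_memory           : 4096'

SAMPLE_PV='host                   : router
virt_caps              :
total_memory           : 2048'

for sample in "$SAMPLE_VTD" "$SAMPLE_VTX" "$SAMPLE_PV"; do
    printf '%s\n' "$sample" | router_placement
done
```
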