I have some (mostly) working Xen setups. Xen is a (para)virtualisation system for linux. That basically means you can run several kernels side-by-side on same hardware. Currently, you can only share CPU and memory and you can have virtual networking. If you have the right cpu (with virtualisation support), you could run the full-virtualisation mode which emulates full hardware. I don’t.
I have written down an account on how to use xen to do firewalling/dmz together with nat setup (nice for securing home network) under virtual firewall, nat and dmz with xen. Further remarks: the firewall seems to be happy with 32M RAM. That’s good. I put 128 for the services one so it has some chance to cache stuff and so. But i have a guarantee that it won’t take more than these 128M. That’s nice, too :).
There is additional info on getting shorewall and xen play together on http://www.shorewall.net/Xen.html. Great pictures in there too.
I have also a (mostly) working copy-on-write domU setup, which i use for testing — scratch system you can throw away when you are done screwing it. Maybe i write down how to set that up someday.