To use NAT in domain 0 to give access for other domains:
1) Make sure domain 0's kernel contains at least the following options:
   (other domains don't need this)

CONFIG_NETFILTER=y
CONFIG_IP_NF_CONNTRACK=y
CONFIG_IP_NF_FTP=y
CONFIG_IP_NF_IPTABLES=y
CONFIG_IP_NF_MATCH_STATE=y
CONFIG_IP_NF_FILTER=y
CONFIG_IP_NF_NAT=y
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=y
CONFIG_IP_NF_NAT_FTP=y

2) Run the enable_nat script on domain 0 startup. This will bind
   169.254.1.0 to domain 0 and set up iptables for NAT. Make sure
   that the real IP address for eth0 has been set before running the
   script.
3) Give the other domains IP addresses in 169.254.0.0/16 and a default
   gateway of 169.254.1.0.
4) It should now work. Domains 1 and higher should be able to make
   outgoing connections through NAT. FTP active or passive should both
   work thanks to FTP connection tracking