Hi guys. I have a problem getting migration traffic encrypted for some scenarios. I need to migrate domain with non shared disks and can't use tunelled migration because of RHEL7 qemu. Without tunnel i get both vm state and disk state traffic unencrypted between peer's qemus. AFAIK there is a work in progress in qemu to bring TLS encryption to all channels and eventually I get desired functionality but what are my options now? I thinking of forwarding ports from destination to source and use localhost in hypervisor uri. The only problem is that port for disk migration is auto selected. Can we add a patch to pass this port as a migration parameter? -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list