In data venerdì 18 aprile 2014 14:30:45, Laine Stump ha scritto: > The only part about this that seems odd is the requirement that the > *host* not receive broadcast packets from the guests [...] > If there is just one kind of broadcast traffic that shouldn't reach the > host from the guests You are absolutely right, I need to block only the AD domain broadcasts. > Alternately, if you want a guest network that isn't directly connected > to the host, you could handle it in the following manner: > 1) create a *completely empty* libvirt network - no IP address and no > <forward>: I like this solution, it's cleaner than scripting obscure firewall rules, thanks! _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
