Re: Using STP in kvm bridges

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 16.09.2015 12:18, C.L. Martinez wrote:
> On 09/16/2015 10:15 AM, Dmitry E. Mikhailov wrote:
>> On 09/16/2015 03:02 PM, C.L. Martinez wrote:
>>>   What advantages and disadvantages have??  If I will want to install
>>> some kvm guests that use multicast address for certain services, is it
>>> recommended to enable STP?
>> STP has nothing to do with multicast as it's an Ethernet protocol.
>> It's developed to provide loop-free redundancy links to Ethernet-based
>> networks.
>>
>> I can't imagine any legitimate use of STP within virtualized environment
>> except when BOTH a) you don't trust the person who manages VM's (like in
>> VPS providing) AND b) you provide more then one network interface to the
>> virtual machine.
>>
>> Otherwise STP can be used to prevent traffic storm because of malicious
>> bridging of vNIC's inside VM.
>>
>> Best regards,
>>      Dmitry Mikhailov
> 
> Thanks Dmitry... Uhmm, but my case is: "b) you provide more then one
> network interface to the virtual machine". I have several kvm guests
> with 3 or more network interfaces ... In this case, do you recommends to
> enable STP??

You should always enable STP on a bridge unless you have a very specific
reason not to.

Regards,
  Dennis

_______________________________________________
CentOS-virt mailing list
CentOS-virt@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos-virt



[Index of Archives]     [CentOS Users]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [X.org]     [Xfree86]     [Linux USB]

  Powered by Linux