Re: Network isolation for KVM guests

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 31/03/17 15:55, C. L. Martinez wrote:
> I need to attach two physical interfaces to a guest and these phy interfaces have IP and routes assigned and I need to get them off the main routing table.

I do not understand this.

You can attach a physical (or virtual, doesn't matter), interface to any
given vm, without assigning routes or IPs to these interfaces directly.

Just do the network configuration inside the vm, and the routing, well
on your router? You will just need the route for the vm networks on your
host, but what is your attack scenario to keep this separated from other
routes on this host? you need at least CAP_NET_ADMIN to fiddle with those.

-- 
Mit freundlichen Grüßen / Regards

Sven Kieske

Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +495772 293100
F: +495772 293333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS-virt mailing list
CentOS-virt@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos-virt

[Index of Archives]     [CentOS Users]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [X.org]     [Xfree86]     [Linux USB]

  Powered by Linux