Ok, sure. For bridging physical with wireless you could use parprouted. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ----- Original Message ----- > From: "C. L. Martinez" <carlopmart@xxxxxxxxx> > To: "Discussion about the virtualization on CentOS" <centos-virt@xxxxxxxxxx> > Sent: Tuesday, 4 April, 2017 11:27:07 > Subject: Re: Network isolation for KVM guests (SOLVED) > This can be if one of these interfaces isn't a wireless nic. But I need to use a > wireless nic and another phys nic. > > At least, I have solved the problem using network namespaces. All works ok and > expected now. > > Many thanks to all for your help > > On Tue, Apr 04, 2017 at 10:39:05AM +0100, Nux! wrote: >> Just create a bridge, hook the host physical interface that you want in it, hook >> the VMs interface in it, done. >> No need for passthrough. >> >> This can be done via libvirt/virsh or if a UI is wanted then virt-manager makes >> this really easy. >> >> Now assign an IP in the VM and it should work. You don't need to assign any IP >> on he host interface itself. Rinse and repeat for the rest of the interfaces. >> >> -- >> Sent from the Delta quadrant using Borg technology! >> >> Nux! >> www.nux.ro >> >> ----- Original Message ----- >> > From: "C. L. Martinez" <carlopmart@xxxxxxxxx> >> > To: "Discussion about the virtualization on CentOS" <centos-virt@xxxxxxxxxx> >> > Sent: Friday, 31 March, 2017 19:18:43 >> > Subject: Re: Network isolation for KVM guests >> >> > On Fri, Mar 31, 2017 at 05:06:53PM +0200, Sven Kieske wrote: >> >> On 31/03/17 15:55, C. L. Martinez wrote: >> >> > I need to attach two physical interfaces to a guest and these phy interfaces >> >> > have IP and routes assigned and I need to get them off the main routing table. >> >> >> >> I do not understand this. >> >> >> >> You can attach a physical (or virtual, doesn't matter), interface to any >> >> given vm, without assigning routes or IPs to these interfaces directly. >> > >> > No, I can't because this host doesn't support PCI passthrough. One of these >> > interfaces is a wireless nic. >> > >> >> >> >> Just do the network configuration inside the vm, and the routing, well >> >> on your router? You will just need the route for the vm networks on your >> >> host, but what is your attack scenario to keep this separated from other >> >> routes on this host? you need at least CAP_NET_ADMIN to fiddle with those. >> > >> > How? If the same host routes Internet traffic in the main routing table I expose >> > host's services to Internet. >> > >> >> >> >> -- >> >> Mit freundlichen Grüßen / Regards >> >> >> >> Sven Kieske >> >> >> >> Systemadministrator >> >> Mittwald CM Service GmbH & Co. KG >> >> Königsberger Straße 6 >> >> 32339 Espelkamp >> >> T: +495772 293100 >> >> F: +495772 293333 >> >> https://www.mittwald.de >> >> Geschäftsführer: Robert Meyer >> >> St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen >> >> Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen >> >> >> > >> > >> > >> > >> >> _______________________________________________ >> >> CentOS-virt mailing list >> >> CentOS-virt@xxxxxxxxxx >> >> https://lists.centos.org/mailman/listinfo/centos-virt >> > >> > >> > -- >> > Greetings, >> > C. L. Martinez >> > _______________________________________________ >> > CentOS-virt mailing list >> > CentOS-virt@xxxxxxxxxx >> > https://lists.centos.org/mailman/listinfo/centos-virt >> _______________________________________________ >> CentOS-virt mailing list >> CentOS-virt@xxxxxxxxxx >> https://lists.centos.org/mailman/listinfo/centos-virt > > -- > Greetings, > C. L. Martinez > _______________________________________________ > CentOS-virt mailing list > CentOS-virt@xxxxxxxxxx > https://lists.centos.org/mailman/listinfo/centos-virt _______________________________________________ CentOS-virt mailing list CentOS-virt@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos-virt