On Wed, May 14, 2008 at 11:48:33AM -0700, snowcrash+xen@xxxxxxxxx wrote: > > If there's a better way to configure a VM > > for traffic sniffing, I'd be interested in hearing... > > as would i. :-/ > > my understanding (?) is that passthru to PV domu need to be eliminated > to avoid the aforementioned security hole. > > that leaves passthru to HVM -- which requires AMD-V (or intel VT-d > ...) extension support. and, i _think_ that means xen ver >= 3.2.0 is > required. > > fedora9's not an option. fedora8's "not going to support it" policy, > though understandable on the march to paravirt_ops, leaves little to > lean on in terms of community support ... Sadly that's life with Xen. Upstream Xen has basically stopped all kernel development leaving 'official' Xen kernels stuck on 2.6.28 which is essentially useless for any modern distro. We had the choice between trying to finish off the paravirt_ops port, or dropping Xen entirely :-( Dan. -- |: Red Hat, Engineering, Boston -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- Fedora-xen mailing list Fedora-xen@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-xen