Hello. Thank you for your answer. > ----- Original Message ----- > From: "Avi Kivity" <avi@xxxxxxxxxx> > To: "Robert Rebstock" <rebstock@xxxxxxxxxxxxxxxx> > Cc: kvm@xxxxxxxxxxxxxxx > Sent: Tuesday, August 17, 2010 11:36:41 AM > Subject: Re: guest MAC-address isolation > > On 08/06/2010 08:09 PM, Robert Rebstock wrote: > > Hello all, > > > > can anyone recommend a better way to achieve (guest agnostic) MAC-address > > isolation in qemu/kvm then with user-mode networking? > > > > I have multiple guests requiring the same MAC-address, and user-mode/slirp > > networking is quite slow. > > > > You can put the different guests on different bridges, and use IP > routing to connect the two bridges; or you can use ebtables to mangle > the MAC addresses. > Could you possibly give me an example? Unfortunately my networking skills are not the best, which is not to say that I don't try. The best I can do, after reading the documentation I could find, is: ebtables -t nat -A PREROUTING -d 00:11:11:11:11:11 -j dnat --to-dest 00:01:23:45:67:89 --dnat-target ACCEPT ebtables -t nat -A POSTROUTING -s 00:01:23:45:67:89 -j snat --to-src 00:11:11:11:11:11 --snat-arp --snat-target ACCEPT but I can see no way to mangle multiple identical MACs so as to achieve layer-2 isolation for my snapshotted VMs. Many thanks, RR -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
