On 11/01/11 17:15, Jonathan Tripathy wrote:
Just one last question. Are there any measures I would need to take to make sure that traffic cannot escape from a Linux bridge? My bridges don't have IP assigned to them and the VM hosts don't do IP routing.
The only way to get from one bridge to another is by routing so if there is no route then there's no way to get packets (or frames) to leap from one bridge to another. (And if you're using separate vlans then you'd need a machine on both that is prepared to route the packets.)
Of course, testing is paramount. No amount of hypothesising is going to help if you haven't tested.
jch -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
