point taken but it wouldn't be "adding [file | virtual | foo] server features" it would only be "pfsense --> VT"
i'm no security expert, in any stretch of the imagination, I would have expected that the suggested addition of a dom0 would/could be fully protected, due to dom0 sitting behind pfsense, thus making the point of secuity a mut point. but then again, i'm no security expert. On Thu, Jan 29, 2009 at 10:00 AM, RB <[email protected]> wrote: > On Wed, Jan 28, 2009 at 15:31, pfsense sense <[email protected]> wrote: > > Ignoring the lack of Xen dom0 support in FreeBSD for a moment, of course. > > I definitely misunderstood your original post, my apologies. That > being said, there isn't and doesn't soon look to be much motion within > FreeBSD to provide dom0 support; even Linux hasn't had a recent kernel > supporting it since 2.6.18, and the release scheduled for 2.6.29 may > actually be pushed back to 2.6.30. Beyond that, it seems only > qemu+kqemu has made it into the BSD space, which doesn't leave many > good options for running pfSense as the root of a virtualized system. > The general response I see from the FBSD camp to root-virtualization > requests is "man 8 jail". NetBSD has recent dom0 support, but > switching to that isn't very likely. > > Adrian has a good point - pfSense is a network security platform, and > adding [file | virtual | foo] server features will only serve to > dilute the focus and create superfluous support issues. Greg had > another good point - multiple parallel pfSense instances like VDOM & > VSYS might be the way to go, but serving as a general hosting platform > far exceeds the purpose of pfSense. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > Commercial support available - https://portal.pfsense.org > >
