Jamie Lokier wrote:
Alex Williamson wrote:
What if the guest will chose the host's mac?
Thinking about it, I don't think we should test that.
A concerned host mgmt app can add ebtables roles for such a case.
Maybe we can optionally allow/deny it?
What's the topology you're thinking of that the virtio-net MAC is also
the host MAC? I typically use a bridge with a tap device, so the
virtio-net MAC is isolated from the host. Thanks,
For example you might forward IPX packets to the guest and IP/ARP to
the host, using an ebtables rule to distinguish them. From the
outside, it would look equivalent to a single host processing both IPX
and IP.
-- Jamie
That's a nice common scenario ;)
What I meant is that if we allow the guest to change his mac address, it
can deliberately
change it to other hosts/guests mac and thus create networking problems.
Although guest can always mangle packets, maybe it worth enforcing these
macs for the guest.
Thanks,
Dor
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
