Hi misc@,

I have been working with VMM more lately. It's a real joy to use. Very
simple.

I'm wondering what a recommended approach would be for potentially
untrusted VMs. It's commonplace, in VPS hosting, to restrict the VM to
its own IPs at the host level. Wouldn't want one server to spoof IPs of
another.

In this case, I am working with IPv6 and the host has its own /64. I am
wanting to issue /112s to each VM.

My first test was to put each VM on its own veb and route the /112 out
of the physical ethernet interface. This seems like it would work, in
theory, but the host doesn't respond to icmp6 "who-has"-style requests
for a VM's IP. Thus, the upstream router doesn't know to address traffic
to the host's MAC, and for it to forward it on.

I know another approach is to put all on the same bridge interface with
the physical NIC. This is probably more performant.

I guess in that case, with all VMs on the same veb, I would create tap
interfaces in advance and use pf to filter on the tap interfaces? Or
would that not quite work with the nature of veb?

VMM does provide a handy way to lock the MAC address at that layer,
which is nice to have that attack surface already covered.

Appreciate any advice you can offer.

-Henrich
