> So I wonder if we could use a similar approach for linux bridge instead? > We currently have: > > veth0<-->vmbr0<-->tapXXXiY > > vmbr0<-->vethXXXiY<-->fwbrXXXiY<-->tapXXXiY > > I wonder if that would help to solve above problems? And what performance > would be get?
Also note that we do not need to enable netfilter on vmbr0 with this setup. so we can completely exclude VMs from using the firewall (such VM won't notice a performance penalty). _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
