David Gwynne <[email protected]> wrote: > i think this is enough to let vmd wire guests up to veb interfaces. > > please remember that veb is not the same as bridge, so some care > has to be taken when replacing bridge with veb. the biggest difference > to note is that if you want the host to talk layer 3 (ie, ip, dhcp, > etc) with the guests, the host must have a vport(4) interface set > up for l3 and added to the veb(4). if you used vether for that, just > replace the vether interfaces with vports. > > you can also have guests isolated from the host by not having vport > interfaces on their veb. you can still add a physical interface to the > veb to let guests talk l2 to the real world without having them talk to > the host they're running on. > > lastly, veb doesnt filter (non-vport) ports by default. if you're > using pf and bridge to filter between guests, you have to allow pf > to run on veb by setting the link1 flag. care must be taken if > you're also filtering with pf on a vport(4) interface. if anyone is > having trouble with this bit and wants some more pointers, let me know. > i suspect you'll learn more from bitter experience though.
Just changed the names of vether0 to vport0 and bridge0 to veb0, everything worked without me doing anything else (I was using group names for them, so no PF change at all as well). I feel like my Alpine instance boots 1 second or so faster, but I might be just feeling it. Nevertheless, it works without any issue. Thank you for your contributions! Sincerely, srfsh
