Hey Daniel, When you want to use this kind of configuration:
---internal---> | hn | VEID 1 ---NIC 2----> | | VEID 2 ---NIC 3----> | | VEID 3 And what you try is, f.e., to have the internal NIC only connecting to the hn, and NIC 2 to VEID 3 and NIC 3 to VEID 2, then you probably will need to route and firewall your config if you stick to venet. Using a bridged setup would mean the same security implications as using the setup above (firewalled). So that's not something to worry about. If you've any questions, please let us know. Esmé -----Oorspronkelijk bericht----- Van: [email protected] [mailto:[email protected]] Namens Daniel Bauer Verzonden: donderdag 6 oktober 2011 22:14 Aan: [email protected] Onderwerp: Re: [Users] several nics on the hn Hi Esmé, > What's your setup? You have 1 'internal' NIC with an IP-address and > other NIC's without IP-address who you want to connect inside a > container, for what purpose? I've several nets: 1. internal service net, only available from/for the hostnode 2. internal LAN with intranet services for my users 3. DMZ 4. external IPs The host node should only be accessible in net 1, I don't want any routing or firewalling inside the hn, there should be no connection f.e. to net 4 > If you use veth you could theoretically set up a bridge with one of > those > devices, that would be easiest in my opinion. But why would you > consist on > venet? In the mentioned article the are two advantages: security and performance > Probably with a little bit more information we can help you a bit > further. Thanks Daniel > -----Oorspronkelijk bericht----- > Van: [email protected] [mailto:[email protected]] Namens > Daniel Bauer > Verzonden: donderdag 6 oktober 2011 15:02 > Aan: [email protected] > Onderwerp: [Users] several nics on the hn > > Hello, > > I've several nics on the hostnode. Only the internal service nic have > an > internal IP. The other nics are without IPs and connected to different > internal subnets and public www. > > I've read the differences between venet and veth > http://wiki.openvz.org/Differences_between_venet_and_veth > and want to use venet, but only venet0 is active in the hn, I think > this is > connected to eth0, but how to access the other nics? > > Thanks > Daniel > > _______________________________________________ > Users mailing list > [email protected] > https://openvz.org/mailman/listinfo/users > > > _______________________________________________ > Users mailing list > [email protected] > https://openvz.org/mailman/listinfo/users > _______________________________________________ Users mailing list [email protected] https://openvz.org/mailman/listinfo/users _______________________________________________ Users mailing list [email protected] https://openvz.org/mailman/listinfo/users
