I've currently got all my virtual machines networked using the br0 bridge to make them all look like they are just other machines on my LAN, all in the same subnet, all using the same gateway, DHCP server, etc.
What I'd like to do (for purposes of paranoia), is something like create another bridge, say br1, and through the magic of iptables and wot-not make any virtual machines I attach to br1 be completely isolated from my local LAN, but still get their network traffic forwarded so they can talk to the outside world.

I know just enough to imagine this might be possible, yet have no idea how to implement any of the details. Are there any detailed prescriptions out there for doing this kind of thing?

_______________________________________________
virt mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/virt
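One way to lay out the rule set the post asks about, as an added example that is not part of the original message: the host routes and NATs IPv4 traffic from br1 out through br0 while refusing anything addressed to the LAN or to the host itself. Only the names br0 and br1 come from the post; both subnets, the GUEST-ISOLATE chain name and the DHCP rule are assumptions to adapt.

```shell
#!/bin/sh
# Added example: print iptables commands for an isolated, NATed guest bridge.
GUEST_IF="br1"                # isolated bridge (name from the post)
UPLINK_IF="br0"               # existing LAN bridge (name from the post)
GUEST_NET="192.168.100.0/24"  # assumption: private subnet given to br1 guests
LAN_NET="192.168.1.0/24"      # assumption: subnet of the local LAN

# Emits the commands as text so they can be reviewed first;
# pipe the output to "sh" as root to apply them.
isolated_bridge_rules() {
    cat <<EOF
# Let the host route between br1 and the uplink.
sysctl -w net.ipv4.ip_forward=1

# Everything arriving from the guest bridge goes through its own chain.
iptables -N GUEST-ISOLATE
# 1. Anything addressed to the LAN is refused (checked before the accept).
iptables -A GUEST-ISOLATE -d $LAN_NET -j REJECT
# 2. Any other destination may leave through the uplink.
iptables -A GUEST-ISOLATE -o $UPLINK_IF -j ACCEPT
# 3. Nothing else is forwarded (including guest to guest via the host).
iptables -A GUEST-ISOLATE -j DROP
iptables -I FORWARD 1 -i $GUEST_IF -j GUEST-ISOLATE

# Towards the guests: replies to their own connections only.
iptables -I FORWARD 2 -o $GUEST_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD 3 -o $GUEST_IF -j DROP

# Guests may not talk to the host, except DHCP requests
# (assumption: the host runs a DHCP server on br1; drop this rule if not).
iptables -I INPUT 1 -i $GUEST_IF -p udp --dport 67 -j ACCEPT
iptables -I INPUT 2 -i $GUEST_IF -j DROP

# Hide the guest subnet behind the host's LAN address.
iptables -t nat -A POSTROUTING -s $GUEST_NET -o $UPLINK_IF -j MASQUERADE
EOF
}

isolated_bridge_rules
```

These rules cover IPv4 only; if the host also forwards IPv6, the same policy has to be repeated with ip6tables. Guests need a DNS resolver outside the LAN, since the INPUT rules block a resolver running on the host.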
