Date: Tue, 13 May 2014 00:54:06 +0200 From: Miroslav Lachman <000.fbsd@quip.cz> To: FreeBSD Net <freebsd-net@freebsd.org> Subject: Best practices with network settings for virtualization Message-ID: <5371510E.40302@quip.cz>
next in thread | raw e-mail | index | archive | help
I originaly posted this to virtualization@ list week ago. I didn't recieved any answer, so maybe this list is better for questions like the following. I would like to ask some really experienced person - what is the best way to run virtual guests connected to network with public IPs? I think many people run unsecure setup with guests with simple bridged network. I know there are many options with tun, bridge, epair, VDE, Open vSwitch etc., my main concern is the setup of network where each guest can use only predefined MAC and predefined IP(s). If some malicious user or malware in guest OS tried to change MAC od IP, I would like to disallow that or do not allow any offending traffic to reach outside network or any other guest running on the same machine. Guests can be VirtualBox, Bhyve or anything else. I really appreciate any help or ideas. -- Miroslav Lachman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5371510E.40302>