WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Xen-devel] [BUNDLE] Testing a simpler inter-domain transport

from [Rusty Russell] [Permanent Link][Original]
To: "King, Steven R" <steven.r.king@xxxxxxxxx>
Subject: RE: [Xen-devel] [BUNDLE] Testing a simpler inter-domain transport
From: Rusty Russell <rusty@xxxxxxxxxxxxxxx>
Date: Mon, 13 Feb 2006 13:32:54 +1100
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Mon, 13 Feb 2006 02:44:43 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <44BDAFB888F59F408FAE3CC35AB4704102FCD61D@orsmsx409>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <44BDAFB888F59F408FAE3CC35AB4704102FCD61D@orsmsx409>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
On Sun, 2006-02-12 at 15:39 -0800, King, Steven R wrote:
> > Note that like a real LAN, one badly behaved partition
> > can block communication for the others they share the lan with... 
> 
> Shared page LAN is much less secure than a real LAN.  Any domain
> attached to the shared page, i.e. in the LAN, can modify any frame "in
> flight" on the page.  Recipients have no confidence that the received
> frame is actually what the sender sent.

Hi Steve,

        I don't quite know how to respond to this!  Your statement is true
given some assumptions, but not relevent to my implementation, hence the
presence of your assertion in this thread is quixotic.

        In my implementation, you can't tell which domain on the LAN a packet
came from, nor do I try to prevent malicious domains on the LAN from
effectively stopping all useful traffic.  I believe that multi-domain
access is useful in some scenarious, nonetheless.

Hope that clarifies?
Rusty.
-- 
 ccontrol: http://ozlabs.org/~rusty/ccontrol


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] [BUNDLE] Testing a simpler inter-domain transport, Ronald G Minnich
Next by Date:  RE: [Xen-devel] [BUNDLE] Testing a simpler inter-domain transport, King, Steven R
Previous by Thread:  Re: [Xen-devel] [BUNDLE] Testing a simpler inter-domain transport, Ronald G Minnich
Next by Thread:  Re: [Xen-devel] [BUNDLE] Testing a simpler inter-domain transport, Daniel Veillard
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy