WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [SPAM] Re: [Xen-users] Re: number of ips

from [Peter Booth] [Permanent Link][Original]
To: Anand Gupta <xen.mails@xxxxxxxxx>
Subject: Re: [SPAM] Re: [Xen-users] Re: number of ips
From: Peter Booth <peter_booth@xxxxxxx>
Date: Sat, 11 Apr 2009 22:13:06 -0400
Cc: Eljas Alakulppi <Buzer@xxxxxxxxx>, Xen Users <Xen-users@xxxxxxxxxxxxxxxxxxx>, Vu Pham <vu@xxxxxxxxxx>
Delivery-date: Sat, 11 Apr 2009 19:13:59 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <acb757c00904111605i39d7612anc1f7b5b755095cb0@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <acb757c00904090609y3975792dgd89d28e843ee9ee@xxxxxxxxxxxxxx> <49DFDC3F.9080706@xxxxxxxxxx> <49DFDE62.404@xxxxxxxxxx> <acb757c00904110352pafd134bqba01e8a6945f3bbc@xxxxxxxxxxxxxx> <op.ur7y4munrtqp7s@chiyo> <acb757c00904110447h25a98c63w1e86cd0fd2850785@xxxxxxxxxxxxxx> <op.ur73w6jnrtqp7s@chiyo> <acb757c00904111011p23f5aff9yfad1cab32ca9847f@xxxxxxxxxxxxxx> <49E0EDD2.8060201@xxxxxxxxxx> <E4880FD0-6A69-47BD-A568-B54C45536B58@xxxxxxx> <acb757c00904111605i39d7612anc1f7b5b755095cb0@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Now I see. It sounds like this really isn't a Xen question - that its the familiar "duplicate IP address" error we get when a user manually sets an IP address that has been assigned by a DHCP server

So here's the thing. What makes this issue worth spending any time trying to fix?

Sure, with sufficient creativity, we could engineer something that fixes this
The effort is probably more than 10x the value

Why not simply assume most people are reasonable and then deal with the exceptions as they arise?

If, of course, you are a sysadmin in a Federal Prison it might be different ...

Peter


On Apr 11, 2009, at 7:05 PM, Anand Gupta wrote:

Hi Peter,

On Sun, Apr 12, 2009 at 1:04 AM, Peter Booth <peter_booth@xxxxxxx> wrote:
I'm a little puzzled by this. My starting point is that I can sometimes use technology to protect against foolishness but it's much harder to protect against malice.

I believe that the xen 3 limit is 3 vifs per VM. So if you create all three, with one bridge mode with an asugned ip and thee two private networks, what can user do thru ignorance or malice to break this?
1. They can reconfigure their "real IP" do a diff value on the subnet and presumably well see an error on both devices that are trying to use the VM
2. What happens if they create virtual devices based on their "real" device? Can they bind these to different IPs on the subnet?

Is there any reason to expect they would do this? Can you fire your users if they are malicious? This seems as much a human issue as a technical one.


Not always you can fire them. Imagine a situation wherein you are the dom0 administrator and all your domU are customers who manage their own domU. Now you have assigned ips to them, and one of them tries to bind a different ip as against to what was assigned to it. I am just trying to find a way to stop that from happening.

--
regards,

Anand Gupta
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [SPAM] Re: [Xen-users] Re: number of ips, Vu Pham
Next by Date:  Re: [Xen-users] Poor disk I/O with HVM stub domains, Brian Conway
Previous by Thread:  Re: [SPAM] Re: [Xen-users] Re: number of ips, Anand Gupta
Next by Thread:  Re: [SPAM] Re: [Xen-users] Re: number of ips, Anand Gupta
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy