WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] Isolated network

To: "Jeff Sturm" <jeff.sturm@xxxxxxxxxx>, <Xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: RE: [Xen-users] Isolated network
From: "Jonathan Tripathy" <jonnyt@xxxxxxxxxxx>
Date: Fri, 4 Jun 2010 16:20:17 +0100
Cc:
Delivery-date: Fri, 04 Jun 2010 08:22:57 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <46C13AA90DB8844DAB79680243857F0F062012@xxxxxxxxxxxxxxxxxxx><4C08F9AA.1080304@xxxxxx> <46C13AA90DB8844DAB79680243857F0F06201A@xxxxxxxxxxxxxxxxxxx> <64D0546C5EBBD147B75DE133D798665F055D93C5@xxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcsD5l1okDBDeJBnT4iuJMV0LSr0mgAAIn9IAAQxvTAAAHCAKw==
Thread-topic: [Xen-users] Isolated network


 

Sorry, I think I worded my post wrong. What I meant was is there a way to make sure that the DomUs can't access the Dom0, i.e. so they are on an isolated network. By default in virt-manager, the Dom0 gets attached to each bridge created...

Simply don't assign an IP to the bridge device in your dom0.

-Jeff

-----------------------------------------------------------------------

Excellent

And this is secure? Could I make it any better by using ebtables or anything like that?

I just want to be careful as my machine will host guests for trusted clients holding sensitive information, as well as non-trusted clients (VPS hosting)

Thanks

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>