WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] XCP - openvswitch network isolation / antispoofing

from [George Shuklin] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] XCP - openvswitch network isolation / antispoofing
From: George Shuklin <george.shuklin@xxxxxxxxx>
Date: Wed, 23 Mar 2011 15:11:06 +0300
Delivery-date: Wed, 23 Mar 2011 05:12:15 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=R17bJqrz5MYbt9rgYOq+5D4Z36nJwcAM5wb5Brks3tg=; b=ij2SW2Lbm+qOiq2/UxeR9p8CjQBdAepFOlQVJdhSLUZCDsudWSq2lDS8OkUKAuBbgM pMp8Q9M+HSO7ZV2sAm4oA1OURjTeAaKPXcR5VwV9HfR26Oro0goc9TXh9OXEFrGYCG7U QzUbM6LzP/xgR4VshAxqojGlJDW33oR/urTko=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=NVHdwiMlWXJrfU5oojKKaeJOZa6FFmsHwHTVFhQpb7Oc+KBfEYR7EUr9VatfxSoqNW JbIaGisnOekDPAN67B8G5ulBEUA0S5SDlg2rC9WySjdruiXHaYK9qaRnfb3UHJ5E9BCp 9VPVoTobRXMWWHgS/nixbup9sYV4jdVHFWzAk=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <AANLkTin87owYOddp4=fQqPbERhiMsv8DP84mq78vY9L7@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <AANLkTin87owYOddp4=fQqPbERhiMsv8DP84mq78vY9L7@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.16) Gecko/20110303 Icedove/3.0.11
See the xen-api@xxxxxxxxxxxxxxxxxxx maillist, I post an antispoofing patch for XCP early there (no recompilation, just few lines in script). It will persist between VM reboots and migrations.
And no, there is no antispoofing in XCP by default, but it contain tools, allowing easy implementation of it. 

On 23.03.2011 13:14, Kristoffer Egefelt wrote:

Hi list,

Searching the xen and openvswitch forums I've not been able to clarify
if anti spoofing really is possible using the openvswitch included in
XCP 1.0.

If anybody figured it out, would you care to explain:

1) How?
2) Will the configuration persist after xcp host reboot?
3) Will the configuration persist after VM migration?

If not - are there any other possibilities other than disabling
openvswitch and using the good old bridges?

Regards
Kristoffer

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Intercommunication VM, Carlos
Next by Date:  RE: [Xen-users] Re: [XCP] XCP-1.0: has someone joined successful a AD domain?, John Else
Previous by Thread:  [Xen-users] XCP - openvswitch network isolation / antispoofing, Kristoffer Egefelt
Next by Thread:  Re: [Xen-users] domU kernel from source capable of live migration, Pasi Kärkkäinen
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy