WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] XCP Xen Cloud Control System ver 0.3 released!

On Tue, May 25, 2010 at 08:22:00PM +0100, Jonathan Tripathy wrote:
> 
> On 25/05/10 20:13, Iustin Pop wrote:
> >On Tue, May 25, 2010 at 10:04:26AM -0400, Vern Burke wrote:
> >>I only do static IP assignments on the VMs. I have no idea how you'd
> >>stop a VM from running a DHCP server from outside the VM (not that I
> >>can imagine why anyone would want to do that anyways). The best
> >>answer I've found for a lot of shennanigans is a zero tolerance
> >>policy in the terms of service (do it and you're gone, period).
> > From http://en.wikipedia.org/wiki/DHCP: "DHCP uses the same two ports 
> > assigned
> >by IANA for BOOTP: 67/udp for sending data to the server, and 68/udp for data
> >to the client."
> >
> >You could simply filter packets on port 67/udp towards the VM, so it doesn't
> >see the requests, and on port 68/udp from the VM, so it's not able to reply.
> >
> >regards,
> >iustin
> If that was the case, woudn't my idea of using:
> 
> http://www.standingonthebrink.com/index.php/ipv6-ipv4-and-arp-on-xen-for-vps/
> 
> work?

Well, that page is a little long, but if you refer to iptables + match
on physdev, yes, that should work, and one needs to add port-based
filtering too. I'm not familiar with arptables, sorry.

regards,
iustin

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users