[libvirt-users] libvirt, Open vSwitch and iptables
Yoann Juet
yoann.juet at univ-nantes.fr
Thu Dec 5 15:51:10 UTC 2013
Hi all,
We're using since a long time libvirt with KVM guest machines and linux
bridges. Firewall rules based on iptables and defined on the host server
control inbound/outbound traffic to/from each VM. In order to improve
remote administration facility and get extra services, it makes sense
for us to replace linux bridges with Open vSwitch. However, the side
effect is the solution's inability to filter VM traffic since it's
impossible to set-up iptables rules with ovs bridges. OpenStack/Quantum
circumvents this problem (no talking about performance) by setting an
extra linux bridge and veth pair between the guest TAP and ovs.
Is there {a simple|an alternative} solution to achieve it without
installing the OpenStack/Quantum layer ?
Thanks,
Regards,
--
Université de Nantes - Direction des Systèmes d'Information
IM jabber: yoann.juet at univ-nantes.fr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: yoann_juet.vcf
Type: text/x-vcard
Size: 365 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20131205/6d246aed/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3256 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20131205/6d246aed/attachment.p7s>
More information about the libvirt-users
mailing list