[libvirt-users] virtual subnet

Lucio Crusca lucio at sulweb.org
Fri Apr 18 13:14:57 UTC 2014

In data venerdì 18 aprile 2014 14:30:45, Laine Stump ha scritto:
> The only part about this that seems odd is the requirement that the
> *host* not receive broadcast packets from the guests [...]
> If there is just one kind of broadcast traffic that shouldn't reach the
> host from the guests

You are absolutely right, I need to block only the AD domain broadcasts.

> Alternately, if you want a guest network that isn't directly connected
> to the host, you could handle it in the following manner:
> 1) create a *completely empty* libvirt network - no IP address and no
> <forward>:

I like this solution, it's cleaner than scripting obscure firewall rules, 

More information about the libvirt-users mailing list