[libvirt-users] TCP Tunnel Info

bancfc at openmailbox.org bancfc at openmailbox.org
Mon Mar 14 00:32:00 UTC 2016


libvirt-users at redhat.com

I've been looking at the TCP Tunnel network feature as a potential 
replacement for the extra private internal networking configuration 
file.

Use case: This network is supposed to go from VM1 to VM2 without DHCP, 
DNS or any incoming/outgoing connections to the host or outside world 
possible.

https://libvirt.org/formatdomain.html#elementsNICSTCP

* To make sure I understand, adding the TCP Tunnel setting for both VMs 
1 and 2 is enough to do what I need? (force them to exclusively 
communicate without the need for adding a new network as typically 
done).

* If another set of VMs 3 and 4 are running and connected to each other 
but I want to make sure they cannot connect to VMs 1 and 2, what source 
addresses should be used to isolate these 2 networks? Do you follow CIDR 
rules?

* For example if the chosen source address is 10.152.152.11 for VMs 1 
and 2 what should the other network have?

* Going more complicated. Can one VM participate in two separate TCP 
Tunnel networks while keeping them isolated? Topology: VM1(virtual NIC1) 
<-> VM2  | VM1(virtual NIC2) <-> VM3

VM2 and 3 can only talk to VM1 but not to each other in this example.

* Off-topic: Do your answers similarly apply for using the other 
Multicast and UDP options too?

I can explain better if I'm not making any sense.
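
The VM1(NIC1) <-> VM2 | VM1(NIC2) <-> VM3 topology asked about above, written with the `server`/`client` interface types from the linked formatdomain section. This is an added illustration, not part of the original post or a reply from the list. The loopback address, the port numbers and the MAC addresses are constructed values; the `<source>` address and port name a TCP endpoint on the host, not a guest subnet, so the two links are kept apart here by using a different port for each.

```xml
<!-- VM1 domain XML, inside <devices>: one listening endpoint per link -->
<interface type='server'>
  <!-- link A: only the client that connects to 127.0.0.1:5558 shares this segment -->
  <mac address='52:54:00:00:0a:01'/>   <!-- constructed MAC -->
  <source address='127.0.0.1' port='5558'/>
  <model type='virtio'/>
</interface>
<interface type='server'>
  <!-- link B: separate port, so a separate point-to-point segment -->
  <mac address='52:54:00:00:0b:01'/>   <!-- constructed MAC -->
  <source address='127.0.0.1' port='5559'/>
  <model type='virtio'/>
</interface>

<!-- VM2 domain XML, inside <devices>: joins link A only -->
<interface type='client'>
  <mac address='52:54:00:00:0a:02'/>   <!-- constructed MAC -->
  <source address='127.0.0.1' port='5558'/>
  <model type='virtio'/>
</interface>

<!-- VM3 domain XML, inside <devices>: joins link B only -->
<interface type='client'>
  <mac address='52:54:00:00:0b:03'/>   <!-- constructed MAC -->
  <source address='127.0.0.1' port='5559'/>
  <model type='virtio'/>
</interface>
```

Binding the servers to 127.0.0.1 keeps the listening sockets off the host's external interfaces. VM2 and VM3 stay separated only while VM1 neither bridges its two NICs nor has IP forwarding enabled, and the guests still need static addresses because nothing on these links provides DHCP.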



