[one-users] ip spoofing
Maxim Terletskiy
terletskiy at emu.ru
Tue Apr 29 09:56:33 PDT 2014
Thanks for answer.
We're giving white ips from several networks, dhcp not very well fit our
needs. So using context for network settings setup.
Now we're looking for solution which prevent vm A with ip X from use of
ip Y which belongs to vm B. X and Y are ips from one network in one vlan.
I thought about using iptables/ebtables on border router, but don't
understand very well what rules we must apply to drop traffic in case if
pair "MAC+IP" is wrong.
29.04.2014 16:41, Ionut Popovici пишет:
> On 4/29/2014 2:09 PM, Maxim Terletskiy wrote:
>> Hi!
>>
>> We're using bridged network with vlans and looking for a way to
>> assume that client VMs using right ip addresses on their network
>> interfaces. Maybe someone already have ideas about how to do it in a
>> right way?
>> _______________________________________________
>> Users mailing list
>> Users at lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
> of you can transform from less table
> from less_pool table
> <LEASE><IP>2886991874</IP><MAC_PREFIX>512</MAC_PREFIX><MAC_SUFFIX>2886991874</MAC_SUFFIX><USED>1</USED><VID>###</VID></LEASE>
>
> where: prefix = first 2 hex of mac
> mac_suffix: is rest of mac on decimal but can be transformed in hex
> the splited
> for my case:
> prefix = 02:00:
> mac_suffix= ac:14:00:02
> ip= 172.20.0.2
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
More information about the Users
mailing list