[one-users] ip spoofing
Maxim Terletskiy
terletskiy at emu.ru
Wed Apr 30 08:34:01 PDT 2014
Hi!
No we're using vlans with simple bridging. I've used ovswitch in past
and do not remember anything about "ip hijacking" prevention in it. How
can ovswitch know what ip/mac must be on vm interface? Will it be
usefull if VMs living on different virtualization hosts?
30.04.2014 0:13, Stefan Kooman пишет:
> Quoting Maxim Terletskiy (terletskiy at emu.ru):
>> Thanks for answer.
>>
>> We're giving white ips from several networks, dhcp not very well fit
>> our needs. So using context for network settings setup.
>>
>> Now we're looking for solution which prevent vm A with ip X from use
>> of ip Y which belongs to vm B. X and Y are ips from one network in
>> one vlan.
> Are you using openvswitch? In that case you already have "mac spoofing"
> and "IP Hijacking" prevention [1]. OpenFlow rules are used to set that
> up. Note that it only works for IPv4 addresses. IPv6 is not covered yet.
>
> Gr. Stefan
>
> [1]:
> http://docs.opennebula.org/4.6/administration/networking/openvswitch.html
>
More information about the Users
mailing list