Linux.com

eshaffer

eshaffer

  • Linux.com Member
  • Posts: 1
  • Member Since: 08 Jun 11
  • Last Logged In: 03 Jul 11

Latest Posts

Posted by
Topic
Post Preview
Posted
  • eshaffer
    KVM network bridge iptables question
    I have a Linux server that hosts KVM virtual machines. eth0 for local network traffic has a static IP and has virtual bridge vbr0 for KVM virtual machines to use for local traffic eth1 is setup with virtual bridge vbr1 only and doesn't have any IP, vbr1 is used to provide public interface to a KVM running a firewall distro. This firewall distro has the public IP address and also a private IP address on vbr0 that is the default gateway for all my other KVMs. So my question: With eth1 not having an IP addresss are there any iptable rules that need to be setup on eth1 on the real server to protect from hacking attempts and are there any ways for people to gain access to the real host thru eth1 with it not having an IP? Thanks, Ernie
    Link to this post 24 Jun 11

    I have a Linux server that hosts KVM virtual machines.

    eth0 for local network traffic has a static IP and has virtual bridge vbr0 for KVM virtual machines to use for local traffic

    eth1 is setup with virtual bridge vbr1 only and doesn't have any IP, vbr1 is used to provide public interface to a KVM running a firewall distro. This firewall distro has the public IP address and also a private IP address on vbr0 that is the default gateway for all my other KVMs.

    So my question: With eth1 not having an IP addresss are there any iptable rules that need to be setup on eth1 on the real server to protect from hacking attempts and are there any ways for people to gain access to the real host thru eth1 with it not having an IP?

    Thanks,
    Ernie

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board