subuk
commented
6 years ago For example, add iptables rules on each host. If you want more complex scenarios, look into network filters: https://libvirt.org/formatnwfilter.html
Closed moredure closed 6 years ago
subuk
commented
6 years ago For example, add iptables rules on each host. If you want more complex scenarios, look into network filters: https://libvirt.org/formatnwfilter.html
moredure
commented
6 years ago Thanks!
moredure
commented
6 years ago @subuk have you experiencing errors regarding nwfilter clean-traffic with CTRL_IP_LEARNING=any filter or any other related to arp and ip spoofing prevention with default network on ubuntu 16.04? While I am using clean-traffic vm cannot assign ip address from dhcp. Currently I'am trying to reproduce the same on CentOS 7. I heard that centos or redhat comes with newer version of libvirt than debian based distros For example:
<interface type='bridge'>
<source bridge='virbr0'/>
<model type='virtio'/>
<filterref filter='no-ip-spoofing'/>
</interface>```
Without creating new subnet for each VM