|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Networking with xen
"Quezada, Pedro" <PedroQ@xxxxxxxxxx> writes: > is there a possibilTy to conneCt doms toguether and for a spanning tree loop. Well, if you setup two bridges, sure. Or if you give a Domu 2 vifs and bridge them in the DomU. It's not possible in the default setup, where you only have one bridge and one vif in each DomU But if you really want the "don't let me shoot myself in the foot" level of handholding, you really shouldn't be using Open Source. talk to Citrix about the commercial version of Xen, or if performance isn't critical and/or you are largely a windows shop, talk to VMware. > The network capabilities of xen can really cause concerns to the network > admins... > > I mean this product not used well can bypass all security in a network... You need to think of your xen bridge as a switch. From the network admin perspective, you are simply plugging in another switch and any number of servers behind that switch. The exact same security concerns apply. I don't see how this bypasses all security on a network. It does mean that the Dom0 administrators are administering a switch; if you plug more than one network into the Dom0, you have the same problems you have when you plug more than one network into any other server (that is, someone with root on the server in question can create bridges/tunnels between those two tunnels if they want) _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |