Re: Virtual firewalls (Xen/VMware)

2006-08-30 Thread Erez D
how about user-mode-linux, isn't it better for this purpose (i.e. as a sandbox)? On 8/29/06, Muli Ben-Yehuda [EMAIL PROTECTED] wrote: On Tue, Aug 29, 2006 at 08:37:13PM +0300, Gil Freund wrote: Yes, but that makes the domU trusted (an attacker with root access of the domU can easily take down the

Re: Virtual firewalls (Xen/VMware)

2006-08-29 Thread Muli Ben-Yehuda
On Mon, Aug 28, 2006 at 11:21:36PM +0300, Gil Freund wrote: I was asked about putting a firewall in Virtual Server environment. As far as I can tell, XEN will allow me to assign a NIC as a PCI device to a DomU. Yes, but that makes the domU trusted (an attacker with root access of the domU

Re: Virtual firewalls (Xen/VMware)

2006-08-29 Thread Muli Ben-Yehuda
On Tue, Aug 29, 2006 at 12:17:53AM +0300, Shachar Shemesh wrote: If you do set it up like that (and I did), please be sure to turn off hardware checksum generation for TCP/IP, or you'll have trouble connecting from the Xen machines that are behind the firewall to the internet There were

Re: Virtual firewalls (Xen/VMware)

2006-08-29 Thread Shachar Shemesh
Muli Ben-Yehuda wrote: On Tue, Aug 29, 2006 at 12:17:53AM +0300, Shachar Shemesh wrote: If you do set it up like that (and I did), please be sure to turn off hardware checksum generation for TCP/IP, or you'll have trouble connecting from the Xen machines that are behind the firewall to

Re: Virtual firewalls (Xen/VMware)

2006-08-29 Thread Muli Ben-Yehuda
On Tue, Aug 29, 2006 at 11:36:27AM +0300, Shachar Shemesh wrote: Solution: RTFM ethtool for the command line option to disable hardware offloading of checksum calculation. ethtool -K ethN tx off Muli, This seems to me like a conceptual bug in the way Xen determines which is the true

Re: Virtual firewalls (Xen/VMware)

2006-08-29 Thread Oleg Goldshmidt
Gil Freund [EMAIL PROTECTED] writes: I was asked about putting a firewall in Virtual Server environment. You may be interested in this VMware appliance[1,2] http://www.vmware.com/vmtn/appliances/directory/245 - a winning entry (3rd prize) to the VMware Ultimate Virtual Appliance Challenge,

Re: Virtual firewalls (Xen/VMware)

2006-08-29 Thread Gil Freund
On 8/29/06, Oleg Goldshmidt [EMAIL PROTECTED] wrote: Gil Freund [EMAIL PROTECTED] writes: I was asked about putting a firewall in Virtual Server environment. You may be interested in this VMware appliance[1,2] This means it's doable. My concern is: Is it wise to do it?

Re: Virtual firewalls (Xen/VMware)

2006-08-29 Thread Gil Freund
On 8/29/06, Muli Ben-Yehuda [EMAIL PROTECTED] wrote: On Mon, Aug 28, 2006 at 11:21:36PM +0300, Gil Freund wrote: I was asked about putting a firewall in Virtual Server environment. As far as I can tell, XEN will allow me to assign a NIC as a PCI device to a DomU. Yes, but that makes the

Re: Virtual firewalls (Xen/VMware)

2006-08-29 Thread Muli Ben-Yehuda
On Tue, Aug 29, 2006 at 08:37:13PM +0300, Gil Freund wrote: Yes, but that makes the domU trusted (an attacker with root access of the domU can easily take down the entire machine - unless you have an isolation capable IOMMU) Can you elaborate a little more? Does this mean that if the

Virtual firewalls (Xen/VMware)

2006-08-28 Thread Gil Freund
Hi, I was asked about putting a firewall in Virtual Server environment. As far as I can tell, XEN will allow me to assign a NIC as a PCI device to a DomU. VMware will only allow the usage of the NIC as bridge (albeit, without an IP address). My worries: 1. Will a DoS on the firewall leak to

Re: Virtual firewalls (Xen/VMware)

2006-08-28 Thread Shachar Shemesh
Gil Freund wrote: Hi, I was asked about putting a firewall in Virtual Server environment. As far as I can tell, XEN will allow me to assign a NIC as a PCI device to a DomU. VMware will only allow the usage of the NIC as bridge (albeit, without an IP address). Huh? If you do set it up like