|
|
Re: Routing Class C subnet to VE [message #25913 is a reply to message #25785] |
Thu, 10 January 2008 20:51 ![Go to previous message Go to previous message](/theme/ovz3/images/up.png) ![Go to next message Go to next message](/theme/ovz3/images/down.png) |
zvnepo
Messages: 4 Registered: January 2008
|
Junior Member |
|
|
K, so considering this a "untrusted" environment, is veth a safe route to go? Would the veth device on the host need bridged to eth0 on the host to have the class C routed correctly, or is there some method of routing the block w/o bridging the devices?
|
|
|
|
Re: Routing Class C subnet to VE [message #25981 is a reply to message #25920] |
Mon, 14 January 2008 04:02 ![Go to previous message Go to previous message](/theme/ovz3/images/up.png) ![Go to next message Go to next message](/theme/ovz3/images/down.png) |
zvnepo
Messages: 4 Registered: January 2008
|
Junior Member |
|
|
K, let us re-phrase... if the VE should not be able to see all traffic on eth0, then veth is not a feasible option. So if venet is the only option, is there a way to route an entire subnet by static route to the VE via venet? Or must one bind each address via --ipadd option to the VE?
|
|
|
|
Re: Routing Class C subnet to VE [message #25983 is a reply to message #25785] |
Mon, 14 January 2008 05:09 ![Go to previous message Go to previous message](/theme/ovz3/images/up.png) ![Go to next message Go to next message](/theme/ovz3/images/down.png) |
zvnepo
Messages: 4 Registered: January 2008
|
Junior Member |
|
|
OK, so if we understand correctly, using veth w/o bridging, a static route can be setup from eth0 on the host to the VE vethVEID.0 device? That would be a more secure solution. Now to just figure out the static route needed.
|
|
|
|