OpenVZ Forum: Support » Networking, security

Home » General » Support » Networking, security

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: Networking, security [message #37423 is a reply to message #37421]

Tue, 08 September 2009 16:24

kir
Messages: 1645
Registered: August 2005
Location: Moscow, Russia

Senior Member

andreas2 wrote on Tue, 08 September 2009 18:55

As I understood veth is a brigde, so all clients can listen to whole traffic.

From vzctl man page:

       --mac_filter on|off
           Enables/disables  MAC  address  filtering  for  the  Container veth
           device and the possibility of configuring the MAC address  of  this
           device from inside the Container. If the filtering is turned on:
           *  the  veth  device  accepts  only  those  packets that have a MAC
           address in their headers  corresponding  to  that  of  this  device
           (excluding all broadcast and multicast packets);
           *  it  is impossible to modify the veth MAC address from inside the
           Container.
           By default, this functionality is  enabled  for  all  veth  devices
           existing inside the Container.

Kir Kolyshkin

http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

[Message index]

		Networking, security By: andreas2 on Tue, 08 September 2009 14:55
		Re: Networking, security By: kir on Tue, 08 September 2009 16:24
		Re: Networking, security By: kir on Tue, 08 September 2009 16:29

Previous Topic:	Compiling for Kernel 2.6.30
Next Topic:	PCI Passthrough

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Fri Jul 25 14:40:54 GMT 2025

Total time taken to generate the page: 0.17193 seconds