Hey there. I am curious to what degree VEs (using veth, to be exact) can
engage in ARP attacks, e.g. ARP poisoning, ARP spoofing, and so on. I'm
asking not only about VEs within a HN but a VE spoofing a IP on another
HN on the same LAN.
I see that the HN performs proxy ARP, but are VEs actually prevented
from generating ARP traffic?
I know too that veth routing is very stringent, e.g. veth10.0 is the
only route to a given IP, so I suspect that ARP spoofing even if
possible would be ineffective.
Any other thoughts on the topic?
Gregor Mosheh / Greg Allensworth, BS, A+
HostGIS cartographic development & hosting services
"Remember that no one cares if you can back up,
only if you can restore." - AMANDA