Best practices with network settings for virtualization
Miroslav Lachman
000.fbsd at quip.cz
Sun May 4 12:57:58 UTC 2014
I would like to ask some really experienced person - what is the best
way to run virtual guests connected to network with public IPs?
I think many people run unsecure setup with guests with simple bridged
network.
I know there are many options with tun, bridge, epair, VDE, Open vSwitch
etc., my main concern is the setup of network where each guest can use
only predefined MAC and predifined IP(s). If some malicious user or
malware in guest OS tried to change MAC od IP, I would like to disallow
that or do not allow any offending traffic to reach outside network or
any other guest running on the same machine.
Guests can be VirtualBox, Bhyve or anything else.
I really appreciate any help or ideas.
--
Miroslav Lachman
PS: I don't know if this is the best lsit to ask, maybe freebsd-net@ is
better place?
More information about the freebsd-virtualization
mailing list