Restricting IP ranges for guests over tap devices
Joachim Durchholz
jo at durchholz.org
Sun Aug 9 04:50:58 UTC 2020
Am 02.08.20 um 14:45 schrieb Miroslav Lachman:
> For me the more serious issue is that malicious guest can assign IP of
> another guest or the main host and cause some collisions or
> malfunctions. I am looking for the right solution for a long time.
As of FreeBSD 12, you can put Bhyve into a jail.
Jails can use VNETs, which can be configured for restricted IPs.
https://forums.freebsd.org/threads/bhyve-inside-jails-why.69109/ talks
about this.
Disclaimer: I don't use bhyve so I don't know how accurate the postings are.
Regards,
Jo
More information about the freebsd-virtualization
mailing list