[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Secure VLANs

To: Jonathan Tripathy <jonnyt@xxxxxxxxxxx>
From: "Fajar A. Nugraha" <list@xxxxxxxxx>
Date: Thu, 6 Jan 2011 05:00:41 +0700
Cc: Xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 05 Jan 2011 14:01:59 -0800
List-id: Xen user discussion <xen-users.lists.xensource.com>

On Thu, Jan 6, 2011 at 4:49 AM, Jonathan Tripathy <jonnyt@xxxxxxxxxxx> wrote:
>
> On 05/01/11 21:40, Javier Guerra Giraldez wrote:
>> On Tue, Jan 4, 2011 at 5:58 AM, Jonathan Tripathy<jonnyt@xxxxxxxxxxx>
>>  wrote:

>> Don't present the physical interface to the DomUs
>>
> I had this method in my head however I wasn't sure if it is "secure". Using
> the above simple method, is there *no way* that a customer could "VLAN Hop"
> by double tagging or anything else?

It's common networking stuff, same situation with physical servers and
switches, nothing xen-specific about it. Your network guys will have
more info.

IIRC it's safe as long as you do NOT assign the switch's native vlan
(usually vlan1) to domU.

-- 
Fajar

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

Follow-Ups:
- Re: [Xen-users] Secure VLANs
  - From: Jonathan Tripathy

References:
- [Xen-users] Secure VLANs
  - From: Jonathan Tripathy
- Re: [Xen-users] Secure VLANs
  - From: Javier Guerra Giraldez
- Re: [Xen-users] Secure VLANs
  - From: Jonathan Tripathy

Prev by Date: Re: [Xen-users] Secure VLANs
Next by Date: Re: [Xen-users] Secure VLANs
Previous by thread: Re: [Xen-users] Secure VLANs
Next by thread: Re: [Xen-users] Secure VLANs
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.