[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Secure VLANs

On Thu, Jan 6, 2011 at 4:49 AM, Jonathan Tripathy <jonnyt@xxxxxxxxxxx> wrote:
> On 05/01/11 21:40, Javier Guerra Giraldez wrote:
>> On Tue, Jan 4, 2011 at 5:58 AM, Jonathan Tripathy<jonnyt@xxxxxxxxxxx>
>>  wrote:

>> Don't present the physical interface to the DomUs
> I had this method in my head however I wasn't sure if it is "secure". Using
> the above simple method, is there *no way* that a customer could "VLAN Hop"
> by double tagging or anything else?

It's common networking stuff, same situation with physical servers and
switches, nothing xen-specific about it. Your network guys will have
more info.

IIRC it's safe as long as you do NOT assign the switch's native vlan
(usually vlan1) to domU.


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.