[Users] several nics on the hn

Daniel Bauer mlist at dsb-gmbh.de
Fri Oct 7 06:48:10 EDT 2011 

Hi Esmé,

From: "Esmé de Wolf" <esme at elements.nl>
> When you want to use this kind of configuration:
>
> ---internal---> | hn |  VEID 1
> ---NIC 2----> | |  VEID 2
> ---NIC 3----> | |  VEID 3
>
> And what you try is, f.e., to have the internal NIC only connecting to 
> the
> hn, and NIC 2 to VEID 3 and NIC 3 to VEID 2, then you probably will 
> need to
> route and firewall your config if you stick to venet.
>
> Using a bridged setup would mean the same security implications as 
> using the
> setup above (firewalled). So that's not something to worry about.

I think I do it with veth, also if I prefered the venet interface, 
because nobody could change the IP inside the CT.

Thanks
Daniel


> -----Oorspronkelijk bericht-----
> Van: users-bounces at openvz.org [mailto:users-bounces at openvz.org] Namens
> Daniel Bauer
> Verzonden: donderdag 6 oktober 2011 22:14
> Aan: users at openvz.org
> Onderwerp: Re: [Users] several nics on the hn
>
> Hi Esmé,
>
>> What's your setup? You have 1 'internal' NIC with an IP-address and
>> other NIC's without IP-address who you want to connect inside a
>> container, for what purpose?
>
> I've several nets:
> 1. internal service net, only available from/for the hostnode 2. 
> internal
> LAN with intranet services for my users 3. DMZ 4. external IPs
>
> The host node should only be accessible in net 1, I don't want any 
> routing
> or firewalling inside the hn, there should be no connection f.e.
> to net 4
>
>
>> If you use veth you could theoretically set up a bridge with one of
>> those
>> devices, that would be easiest in my opinion. But why would you
>> consist on
>> venet?
>
> In the mentioned article the are two advantages: security and
> performance
>
>
>> Probably with a little bit more information we can help you a bit
>> further.
>
>
> Thanks
> Daniel
>
>
>> -----Oorspronkelijk bericht-----
>> Van: users-bounces at openvz.org [mailto:users-bounces at openvz.org] 
>> Namens
>> Daniel Bauer
>> Verzonden: donderdag 6 oktober 2011 15:02
>> Aan: users at openvz.org
>> Onderwerp: [Users] several nics on the hn
>>
>> Hello,
>>
>> I've several nics on the hostnode. Only the internal service nic have
>> an
>> internal IP. The other nics are without IPs and connected to 
>> different
>> internal subnets and public www.
>>
>> I've read the differences between venet and veth
>> http://wiki.openvz.org/Differences_between_venet_and_veth
>> and want to use venet, but only venet0 is active in the hn, I think
>> this is
>> connected to eth0, but how to access the other nics?
>>
>> Thanks
>> Daniel
>>
>> _______________________________________________
>> Users mailing list
>> Users at openvz.org
>> https://openvz.org/mailman/listinfo/users
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at openvz.org
>> https://openvz.org/mailman/listinfo/users
>>
>
>
> _______________________________________________
> Users mailing list
> Users at openvz.org
> https://openvz.org/mailman/listinfo/users
>
>
> _______________________________________________
> Users mailing list
> Users at openvz.org
> https://openvz.org/mailman/listinfo/users
>

More information about the Users mailing list