Look at Network Filters in the vNIC profile for the network. I haven't tested it but there is one called clean-traffic-gateway, which I believe allows only communication between a VM and the designated gateway.


---- On Mon, 16 Mar 2020 10:11:57 +0000 Hendrik Peyerl <hpeyerl@plusline.net> wrote ----

We do have certain VLANs that all the VMs need as of now, we will be able to do this at some point but I need a solution until then.



> On 16. Mar 2020, at 11:08, Staniforth, Paul <P.Staniforth@leedsbeckett.ac.uk> wrote:
>
> Can't you put then on separate VLANs?
>
>
> Regards,
> Paul S.
> From: Hendrik Peyerl <hpeyerl@plusline.net>
> Sent: 16 March 2020 09:24
> To: users@ovirt.org <users@ovirt.org>
> Subject: [ovirt-users] Client separation on bridge level
>
> Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe.
>
> Hello everyone,
>
> is there a way to seperate the traffic between VMs on the same bridge on one oVirt-node with built-in tools from ovirt? We have VMs using the same bridge which should never be able to talk to each other.
>
> We are currently using ebtables for that, but its not working very good anymore now that we upgraded to 4.3 with firewalld.
>
> Any suggestions would be greatly appreciated.
>
> Best regards,
> Hendrik
> _______________________________________________
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-leave@ovirt.org
> Privacy Statement: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ovirt.org%2Fprivacy-policy.html&amp;data=02%7C01%7Cp.staniforth%40leedsbeckett.ac.uk%7Cd93d2591b762400ae11808d7c98c46a2%7Cd79a81124fbe417aa112cd0fb490d85c%7C0%7C1%7C637199476647874123&amp;sdata=gRXkeXI%2BGPrJVCS6zNBE%2Fe4Z7Ec%2FO0qxdRyRpAckPx4%3D&amp;reserved=0
> oVirt Code of Conduct: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ovirt.org%2Fcommunity%2Fabout%2Fcommunity-guidelines%2F&amp;data=02%7C01%7Cp.staniforth%40leedsbeckett.ac.uk%7Cd93d2591b762400ae11808d7c98c46a2%7Cd79a81124fbe417aa112cd0fb490d85c%7C0%7C1%7C637199476647884122&amp;sdata=20dOQRRZzxqTVx%2FmUOlYLEbBD7dW2B6n%2FIRRXILlQzw%3D&amp;reserved=0
> List Archives: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.ovirt.org%2Farchives%2Flist%2Fusers%40ovirt.org%2Fmessage%2FZ54FEL45UJ5ONB67EDFCYAN7N64AMUPE%2F&amp;data=02%7C01%7Cp.staniforth%40leedsbeckett.ac.uk%7Cd93d2591b762400ae11808d7c98c46a2%7Cd79a81124fbe417aa112cd0fb490d85c%7C0%7C1%7C637199476647884122&amp;sdata=Jqf15c%2BMegSWxe7jp%2BQfVnJQgOZEQYxUPp4TGYqzUtY%3D&amp;reserved=0
> To view the terms under which this email is distributed, please go to:-
> http://leedsbeckett.ac.uk/disclaimer/email/
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/4AZJIDGF5VR3RR7JSNUUAAKRN57J33UE/