[Users] Networking questions (LONG)

Dan Kenigsberg danken at redhat.com
Fri Jan 10 13:42:15 UTC 2014


On Fri, Jan 10, 2014 at 10:39:20AM -0200, Juan Pablo Lorier wrote:
> Hi Dan,
> 
> I take the chance to ask: why is it that the untagged IF can see the
> traffic of the tagged vlans? Isn't that filtered at kernel level? Is
> this a virtualization design limitation or is it down to the kernel?
> I don't know how the kernel processes the packages, but I thought that
> packages that arrive at the nic are filtered by the kernel and sent to
> the respective vif (untagged to the "master" interface and tagged to the
> .XX interfaces). I ask because other virtualization platforms don't have
> this limitation and I wonder if it's because they "don't care" or
> because they solved this somehow.

I do not know how this is implemented elsewhere, but to the best of my
knowledge, the "master" interface sees tagged packets, too (which is the
basis of Alan's use case: he wants the trunk VM to see all traffic).

BTW, Alan, for this to actually work, you need to enable macspoofing on the
relevant nic. Yet another step on the hack I've outlined earlier.

Dan.


