Hi all,We're using since a long time libvirt with KVM guest machines and linux bridges. Firewall rules based on iptables and defined on the host server control inbound/outbound traffic to/from each VM. In order to improve remote administration facility and get extra services, it makes sense for us to replace linux bridges with Open vSwitch. However, the side effect is the solution's inability to filter (with netfilter/iptables) VM traffic since it's impossible to set-up iptables rules with ovs bridges. OpenStack/Quantum circumvents this problem (no talking about performance) by setting an extra linux bridge and veth pair between the guest TAP and ovs.
Is there {a simple|an alternative} solution to achieve it without installing the OpenStack/Quantum layer ?
Thanks, Regards, -- Université de Nantes - Direction des Systèmes d'Information IM jabber: yoann.j...@univ-nantes.fr
<<attachment: yoann_juet.vcf>>
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
