On 10/27/2009 11:44 PM, Anthony Liguori wrote:
It's actually not okay. You're creating a bridge with two tap devices
on the bridge that happen to be connected in qemu by a vlan. If one
tap device receives a packet, qemu is going to forward that packet to
the other tap device, which will in turn send the packet to the bridge
which in turn sends it to the first tap device.
Resulting in an infinite networking loop.
It shouldn't kill networking though. If a guest has two nics connected
to the same host bridge (a reasonable configuration), and then connects
these two nics through its own bridge, it creates the same sort of
loop. If that kills networking, we have a guest-initiated DoS (not that
the userspace-initiated DoS was much better).
--
Do not meddle in the internals of kernels, for they are subtle and quick to
panic.
