On Tue, 25 Jan 2022 01:48:24 +0100 Peter Boy <p...@uni-bremen.de> wrote:
> If you want your VMs to have access to the public network, then you > have to share the host's public interface. The most convenient option > is mac-vlan and to avoid a bridge. You don’t need to configure the > host interface, but just the VMs to use „direct attachment“ in > KVM/libvirt-speech. See Fedora Server documentation at > https://docs.stg.fedoraproject.org/en-US/fedora-server/virtualization-vm-install-fedoraserver-cockpit/ > (it’s the staging version). > > Konfiguration is much easier and it causes less system load. The only > disadvantage is that the VMs cannot communicate directly with the > host. But it is usually better to use an internal, protected network > for this. This, for me, is a fatal limitation. The web server needs to access the database server and so on. At home I have just one network and every thing is internal. At work we have an internal network and all internet-facing services are on an isolated network with an industrial grade firewall and application filter severely restricting access from the internet. All the hosts are already on an “internal” network of some variety, so setting up a another one seems redundant. I also feel that configuring the host for bridge mode is much more convenient than installing a separate physical network. Jim _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
