[pve-devel] pvefw: masquerade problems and conntrack zones
Alexandre DERUMIER
aderumier at odiso.com
Tue Mar 11 15:40:00 CET 2014
>>yes, I want it ;-) And it seems we can do it with the veth setup.
Ah ok ! seem more clear now.
isn't veth too much overhead ? (I'm a bit worried about veth performance, see http://www.opencloudblog.com/?p=96)
couldn't we scan bridges arp tables, and make rules with ips ? (at least for routed guests)
(or manage guests ips in vm configs)
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: "Alexandre DERUMIER" <aderumier at odiso.com>
Cc: pve-devel at pve.proxmox.com
Envoyé: Mardi 11 Mars 2014 14:40:42
Objet: RE: [pve-devel] pvefw: masquerade problems and conntrack zones
> Well,If I remember,we don't allow traffic routing between taps on differents
> vmbrX when firewall is enabled.
>
> Or maybe do you want that finally ?
yes, I want it ;-) And it seems we can do it with the veth setup.
More information about the pve-devel
mailing list