Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC addre

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC addre

From:	Avi Kivity
Subject:	Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config
Date:	Thu, 15 Jan 2009 15:41:48 +0200
User-agent:	Thunderbird 2.0.0.19 (X11/20090105)

Jamie Lokier wrote:

Dor Laor wrote:
What I meant is that if we allow the guest to change his mac address, itcan deliberately
change it to other hosts/guests mac and thus create networking problems.
Although guest can always mangle packets, maybe it worth enforcing thesemacs for the guest.
Although it can create network problems, sometimes it is also wanted.

I think if you want to restrict the guests's ability to break the
network by changing its MAC, it would be appropriate to have an option
to completely lock down the MAC so the guest can't change its MAC at all.

I don't think locking down the MAC is very useful; the guest can stillfake its IP address.

If the admin wants to lock down the guest, they should use netfilter(and live with the performance hit).


--
error compiling committee.c: too many arguments to function

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Alex Williamson, 2009/01/13
- [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Dor Laor, 2009/01/14
  - [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Alex Williamson, 2009/01/14
    - Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Jamie Lokier, 2009/01/14
    - Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Dor Laor, 2009/01/14
    - Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Dor Laor, 2009/01/14
    - Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Paul Brook, 2009/01/14
    - Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Jamie Lokier, 2009/01/15
    - Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Jamie Lokier, 2009/01/15
    - Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Avi Kivity <=
    - Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Dor Laor, 2009/01/18
    - Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config, Avi Kivity, 2009/01/18

Prev by Date: Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config
Next by Date: [Qemu-devel] [PATCH] sh4: Make atomic tas.b instruction thread safe
Previous by thread: Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config
Next by thread: Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC address via set_config
Index(es):
- Date
- Thread