RE: RE: KVM static internal networking without host bridge interface (virbr)
Given that potentially sensitive information is flowing between the two
VMs, we want to prevent the host from being able to sniff on the traffic
between the two VMs. Is that possible in any way? If so, how can we
prevent the host to see traffic of the internal network?
So why not have ipsec traffic between both? I think this is the only thing you can do
against sniffing from the host. Although I don't really get if you can ever secure
guests against their hosts.