18 Apr
2014
18 Apr
'14
3:14 p.m.
In data venerdì 18 aprile 2014 14:30:45, Laine Stump ha scritto:
The only part about this that seems odd is the requirement that the *host* not receive broadcast packets from the guests [...] If there is just one kind of broadcast traffic that shouldn't reach the host from the guests
You are absolutely right, I need to block only the AD domain broadcasts.
Alternately, if you want a guest network that isn't directly connected to the host, you could handle it in the following manner: 1) create a *completely empty* libvirt network - no IP address and no <forward>:
I like this solution, it's cleaner than scripting obscure firewall rules, thanks!