|
|
|
|
|
|
|
|
|
|
xen-users
[Xen-users] [XCP] promiscuous mode for vif
Good day.
Found strange behavior in PV-domains. Application like tcpdump or iftop
require promiscuous mode for interface. And this feature is disabled by
default, as I understand.
message from iftop:
pcap_open_live(eth0): eth0: You don't have permission to capture on that
device (socket: Address family not supported by protocol)
As I understand promiscuous:on in other-config for vif will allow do
this.
But here other question: will this somehow compromise security of XCP?
Will domain with promiscuous mode on vif allowed to see traffic of other
domains? Can it perform cache poisoning for open vswitch?
---
wBR, George.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
<Prev in Thread] |
Current Thread |
[Next in Thread> |
- [Xen-users] [XCP] promiscuous mode for vif,
George Shuklin <=
|
|
|
|
|