This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] ip which is already being used can be taken by windows v

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] ip which is already being used can be taken by windows vps
From: Simon Hobson <linux@xxxxxxxxxxxxxxxx>
Date: Sun, 18 Oct 2009 09:14:20 +0100
Delivery-date: Sun, 18 Oct 2009 01:15:16 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <2f88f10c0910171335i431bb68ah5d103930990358a3@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <2f88f10c0910171335i431bb68ah5d103930990358a3@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Jingyun He wrote:

I just noticed that the windows vps can take any IP that is already
being used in the network,
e.g. one other server is using, and another vps in the network
just assign that IP, and activate it, then the ip will connect
to vps, and the server will lose connection.

Just to make the point here that no-one else has mentioned - this is no different under Xen than when running standalone machines. In general, the prevention (management systems) and mitigation techniques (eg ARP monitoring) are the same - but as others have pointed out, you have a couple more options (eg source IP filtering) with Xen guests which aren't available on most 'real' network switches.

We had our office network go down on us a few weeks back when someone was playing with his new Windoze mobile phone - in particular the bit that turns it into an access point (connects to internet over GPRS, shares it via wireless). Trouble is that he was connected to the office wireless and it came up with the same IP address as our router. We've also had customers taken out when someone (without thinking or asking) set up a device on our public net on an address assigned to a customer - he hasn't been allowed to forget it, and we now have ARP monitoring in place.
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

Xen-users mailing list