[ovs-discuss] iptables and openvswitch

Kurt Bauer kurt.bauer at univie.ac.at
Wed Nov 30 09:25:28 UTC 2011


Hi again,

I rephrase my question or rather broaden it:

How do you do firewalling in conjunction with openvswitch?

*) central firewalling at Dom0. How?
*) central firewalling in front of the Dom0.
*) firewalling per DomU.

Thanks for your help,
best regards,
Kurt


Kurt Bauer wrote:
> Hi,
> 
> I'm quite new to openvswitch, so if I oversee smth. very obvious please
> dont't be to harsh ;-).
> 
> Till now I used standard linux bridging in my XEN-Environment. Using the
> 'net.bridge.bridge-nf-call-...' Kernel Parameters I was able to firewall
> bridged traffic per XEN-Guest, defining seperate chains per DomU.
> 
> Is smth. similar possible with openvswitch too, ie. having a 'central'
> iptables firewall in XEN Dom0 handling the rules for bridged/switched
> traffic targeting various XEN DomUs?
> 
> Thanks for your help,
> best regards,
> Kurt
> 
> 
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5528 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20111130/c5d79cbe/attachment-0002.bin>


More information about the discuss mailing list