[ovs-discuss] iptables and openvswitch
Jesse Gross
jesse at nicira.com
Wed Nov 30 17:33:16 UTC 2011
On Wed, Nov 30, 2011 at 1:25 AM, Kurt Bauer <kurt.bauer at univie.ac.at> wrote:
>
> Hi again,
>
> I rephrase my question or rather broaden it:
>
> How do you do firewalling in conjunction with openvswitch?
>
> *) central firewalling at Dom0. How?
> *) central firewalling in front of the Dom0.
> *) firewalling per DomU.
You can use the ovs-ofctl command to add OpenFlow flows that act as
firewall rules. Both dom 0 and doms U are represented as switch ports
so the same mechanism works for both. Central firewalling can be done
by wildcarding the input port, otherwise you can provide a specific
one.
More information about the discuss
mailing list