From mboxrd@z Thu Jan 1 00:00:00 1970 From: "B.G. Bruce" Subject: Re: Other additional vnet questions Date: Thu, 10 Feb 2005 08:38:57 -0400 Message-ID: <1108039137.4813.25.camel@master.vms.security> References: <1107965719.9884.237.camel@master.vms.security> <420B35DA.2080705@hpl.hp.com> Reply-To: bgb@nt-nv.com Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit In-Reply-To: <420B35DA.2080705@hpl.hp.com> Sender: xen-devel-admin@lists.sourceforge.net Errors-To: xen-devel-admin@lists.sourceforge.net List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , List-Archive: To: xen-devel List-Id: xen-devel@lists.xenproject.org Mike, Thanks for your input, it helped a lot, as did getting a box up and actually running it. I think I have a better grasp of what it does, and how it does it (for the basics). I guess at first I was hoping it would be more like one large virtual switch with solid VLAN capabilities. I see now that it is more like a normal bridge internally, but like having one or more switches with IPSEC/*S/wan controlling your physical nics. Some new questions: (I can hear the from here) :-) 1) for auth and conf security, how is keying handled? 2) how do you set this up other than defining the security model? 3) How can you differentiate between a valid second xend host that is running vnets, and a rogue xend box (unlikely at this time, but ...) that got lucky in guessing your vnetid, and security setting. Regards, Brian. ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click