routed tap devices - Sterling Windmill

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sterling Windmill <sterling@ampx.net>
To: kvm@vger.kernel.org
Subject: routed tap devices
Date: Wed, 7 Jan 2009 09:00:08 -0500 (EST)	[thread overview]
Message-ID: <1576523211.2321231336808450.JavaMail.root@mail.ampx.net> (raw)

I am using kvm-82 on a 64-bit host and giving my virtual machines routed tap devices and utilizing proxy arp to provide them connectivity.

My host has two ethernet adapters, one connected to the WAN and the other is a private link to another server with a private IP address.

Even though I'm assigning device names (on the host) based upon mac address, it seems that depending upon the order in which the linux kernel sees my ethernet adapters they are behaving differently in terms of ip forwarding. 

If I run `ip link` I see eth1 listed before eth0 and a virtual machine running behind a tap device that is using ip forwarding sees eth1's IP as it's first hop in a traceroute. 

If I swap eth0 and eth1 (via their configuration), the first hop in the guest's traceroute is eth0's IP and `ip link` shows eth0 first. Is there a way to control this behavior other than switching physical ethernet adapters?

I may be paranoid, but I don't want the virtual machines to "see" my private IP address when using standard tools such as traceroute.

Anyone have any ideas?

                 reply	other threads:[~2009-01-07 14:00 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1576523211.2321231336808450.JavaMail.root@mail.ampx.net \
    --to=sterling@ampx.net \
    --cc=kvm@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.