From: Arnd Bergmann
Subject: Re: [Qemu-devel] [PATCH 4/4] Add support for -net bridge
Date: Sun, 8 Nov 2009 08:43:25 +0000
To: qemu-devel@nongnu.org
Cc: Mark McLoughlin, Anthony Liguori, Arnd Bergmann, Michael Tsirkin, Dustin Kirkland, Juan Quintela, Avi Kivity, David Woodhouse

On Sunday 08 November 2009 08:27:41 Avi Kivity wrote:
> On 11/08/2009 12:11 AM, Anthony Liguori wrote:
> >
> >> You don't need root privileges to use a tap device.
> >
> > You can access a preconfigured tap device but you cannot allocate a
> > tap device and connect it to a bridge without CAP_NET_ADMIN.
>
> btw, shouldn't we, in the general case, create a bridge per user and use
> IP NAT? If we have a global bridge, users can spoof each other's MAC
> addresses and interfere with their virtual machines. They can also
> interfere with the real network.
>
> That's not a concern with most one-user-per-machine configurations, but
> the default configuration should be safe.

It also depends a lot on what you want to do with the virtual machine.
If you want to run a game or a legacy application in a different operating
system on your desktop, a NATed bridge is ideal, but it does not work
on a server if the guest wants to listen on a socket with its own IP
address.

	Arnd <><