From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1LNS0E-0002Uh-Hb
	for qemu-devel@nongnu.org; Thu, 15 Jan 2009 08:11:18 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1LNS07-0002Tp-VE
	for qemu-devel@nongnu.org; Thu, 15 Jan 2009 08:11:14 -0500
Received: from [199.232.76.173] (port=53139 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1LNS07-0002TO-5W
	for qemu-devel@nongnu.org; Thu, 15 Jan 2009 08:11:11 -0500
Received: from mail2.shareable.org ([80.68.89.115]:40558)
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <jamie@shareable.org>) id 1LNS06-0000Vh-P1
	for qemu-devel@nongnu.org; Thu, 15 Jan 2009 08:11:11 -0500
Date: Thu, 15 Jan 2009 13:11:08 +0000
From: Jamie Lokier <jamie@shareable.org>
Subject: Re: [Qemu-devel] Re: [PATCH 1/5] virtio-net: Allow setting the MAC
	address via set_config
Message-ID: <20090115131108.GC32368@shareable.org>
References: <1231881829.9095.191.camel@bling>
	<20090114164155.GA6431@shareable.org> <496E61F0.8060605@redhat.com>
	<200901142214.46522.paul@codesourcery.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200901142214.46522.paul@codesourcery.com>
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: Mark McLoughlin <markmc@redhat.com>, dlaor@redhat.com, kvm <kvm@vger.kernel.org>

Paul Brook wrote:
> > What I meant is that if we allow the guest to change his mac address, it
> > can deliberately
> > change it to other hosts/guests mac and thus create networking problems.
> > Although guest can always mangle packets, maybe it worth enforcing these
> > macs for the guest.
> 
> This doesn't seem any different to real hardware that allows you to
> change the MAC address.

Indeed I have used that on several occasions to workaround pointless
firewalls and home networking restrictions.

People doing MAC-level hot-failover in high-availability environments
do it too.

-- Jamie