Security question

N

newuser23333

New Member
Sep 4, 2024
1
0
1
I apologize in advance for any silly and seemingly simple questions, but I am new to this. I have virtual machines with static IP addresses connected to vmbr0. The MAC filter option is enabled in the firewall for all machines, and I have also created rules for each VM that allow sending/receiving packets only to the permitted address. My task is to ensure that the machines do not see each other's traffic, and I checked with tcpdump and indeed see nothing except ARP packets. Do I need to take any further actions to segment the network, or is it already safe in the context that VM1 cannot influence VM2 in any way ? (in the context that they both use vmbr0)
 
You can restrict more your traffic by adapting your netmask!

IF all vm are on same subnet like
192.168.10.10
192.168.10.11
192.168.10.12

And the netmask is /24 (255.255.255.0) of course VM can see other vm!

But if you restrict netmask by vm itself like /32 (255.255.255.255) on this case vm never see other
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back