1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

VM can see traffic of other VM?

Discussion in 'Mail Gateway: Installation and configuration' started by SanderM, Dec 21, 2016.

  1. SanderM

    SanderM Member

    Joined:
    Oct 21, 2016
    Messages:
    40
    Likes Received:
    1
    I'm running Proxmox 4.4 with openvswitch 2.6.0.

    I just discovered that one VM, which was a clean Linux install, running no services, is seeing about 2mbyte/s of incoming traffic according to proxmox VM graph. So I installed a network sniffer in this VM and it can see a lot of traffic caused by other VM's.

    How can I isolate each VM so that one VM cannot snif traffic of another VM? I also do not understand why this VM can see the traffic anyway? Isn't a switch (openvswitch is a switch, right?) supposed to only forward packets that actually belong to the mac address of this VM?

    Any explanation on what's happening here would be appreciated. And any idea how to fix this?

    Thanks
     
  2. SanderM

    SanderM Member

    Joined:
    Oct 21, 2016
    Messages:
    40
    Likes Received:
    1
    Nobody?


    So I created a new test setup with one proxmox box and 3 VM's. All VM's have a single public IP address.
    It's using openvswitch with ovs_port eth0. eth0 is physically connected to the switch for internet uplink.

    VM1 sends a lot of traffic to VM2.
    VM3 has nothing to do with VM1 or VM2 but "tcpdump -XX -i eth0" shows A LOT of traffic that's actually meant for VM2 (coming from VM1).

    Why is VM3 receiving this traffic. All 3 VM's are connected to a switch (openvswitch) which shouldn't be sending packets that are not meant for the MAC addres of VM3 .. Right?

    Or am I missing something.
     
  3. LnxBil

    LnxBil Well-Known Member

    Joined:
    Feb 21, 2015
    Messages:
    1,960
    Likes Received:
    119
    I've never used openvswitch, but in "ordinary" bridge mode, this is not the case at all. Maybe some misconfiguration on the openvswitch side?
     
  4. chandrabhan maktal

    chandrabhan maktal New Member

    Joined:
    Aug 10, 2017
    Messages:
    5
    Likes Received:
    0
    Actually I'm not aware of this topic.But I want to use VM can any one forward reply.
     

Share This Page