[pve-devel] internal dhcp server, where to put dhcp configuration ?
Alexandre DERUMIER
aderumier at odiso.com
Sat Aug 24 08:10:56 CEST 2013
>>What if some VMs on the bridge require the external dhcp server?
>>I guess we also can do that with iptables, by restricting access to internal server
>>for VMs with dhcp configured (or is the an easier way)?
Yes, I think it should work like this. restriction for macaddress of virtual machines with ip configured by example.
So it should also works for vm which need an external dhcp server.
We can add dynamic iptables rules on vm start in pve-bridge script.
1) We need to restrict dnsmasq to only reply to configured internal vm
(Iptables Or maybe can we configure directly dnsmasq to only reply for specific mac address ???)
2) We need to block dhcp queries from configured internal vms to go outside the bridge.
(we don't want that an external dhcp server respond to this queries)
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: "Alexandre DERUMIER" <aderumier at odiso.com>
Cc: "pve.proxmox.com" <pve-devel at pve.proxmox.com>
Envoyé: Vendredi 23 Août 2013 18:28:24
Objet: RE: [pve-devel] internal dhcp server, where to put dhcp configuration ?
> > I think we should block incoming dhcp requests from outside world with
> > iptables.
> > As with dhcp, this is random, the fastest dhcp server to respond win.
>
> What if some VMs on the bridge require the external dhcp server?
I guess we also can do that with iptables, by restricting access to internal server
for VMs with dhcp configured (or is the an easier way)?
More information about the pve-devel
mailing list