From owner-freebsd-emulation Mon Aug 7 10: 6:57 2000
Delivered-To: freebsd-emulation@freebsd.org
Received: from mother.ludd.luth.se (mother.ludd.luth.se [130.240.16.3]) by hub.freebsd.org (Postfix) with ESMTP id 8223437B9DC; Mon, 7 Aug 2000 10:06:47 -0700 (PDT) (envelope-from pantzer@ludd.luth.se)
Received: from speedy.ludd.luth.se (speedy.ludd.luth.se [130.240.16.164]) by mother.ludd.luth.se (8.9.3+Sun/8.9.3) with ESMTP id TAA05733; Mon, 7 Aug 2000 19:05:38 +0200 (MEST)
Message-Id: <200008071705.TAA05733@mother.ludd.luth.se>
X-Mailer: exmh version 2.1.1 10/15/1999
To: Nick Sayer
Cc: Robert Watson, freebsd-emulation@FreeBSD.ORG, security-officer@FreeBSD.ORG, pantzer@ludd.luth.se
Subject: Re: vmware changes result in nasty bridging mess
In-Reply-To: Message from Nick Sayer of "Sun, 06 Aug 2000 23:04:45 PDT." <398E517D.A524966F@quack.kfu.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Mon, 07 Aug 2000 19:05:38 +0200
From: Mattias Pantzare
Sender: owner-freebsd-emulation@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> > > 1. You are probably the only person on the planet who has a machine with
> > > both bridging and vmware who (apparently) doesn't intend to bridge the
> > > guest onto the connected LAN. This means that you have an opportunity to
> > > customize the startup script rather than insist that everyone have it the
> > > way you like it.
> >
> > Possibly true, but I'm interested in POLA for many situations, not just
> > the common case. :-) See below, however.
>
> But isn't that which astonishes least that which astonishes the least
> number of people?!

On our campus network it is not uncommon to find people who have a gateway
machine so that they can have several computers. Both the campus network and
the private network are on Ethernet. Guess what will happen when they start
to use vmware... Remember that it is usually a normal workstation that is
used for this. It may even be the fastest computer.

If the network administrator sees packets from a different IP range on the
network then the offending computers are very likely to be disconnected. That
will astonish the poor student...

> > No, I'm worried about the following case: a machine with two interfaces,
> > and vmware, who then tries out bridging for the purposes of using vmware.
>
> Everyone with this configuration, please raise their hands.
>
> Remember, to qualify the two interfaces must be run simultaneously.

Do not assume that all networks look like the ones you have used.

> > The result of that operation is not POLA, as the BRIDGE documentation
> > clearly specifies that to turn on bridging, you set the sysctl, and that
> > the option is passive until then. As the port is currently written, it
> > enables BRIDGE at every boot, regardless of a guest running, and affects
> > more than just the guest environment, bridging all interfaces.
>
> And for both of you out there with two Ethernet cards and VMware running,
> you might want to add a bridge_cfg ioctl between the refresh and the
> enabling sysctl.

The port should do that then.