How to properly separate traffic for virtual machines and a KVM host?
In principle, everything is simple: there is a KVM host, and it has 2-3 services plus several virtual machines.
There is only one network card on the host. Its IP is private ("grey"), behind NAT; say, x.x.x.1/24. Several ports have been forwarded from the Internet to this address, including 80 and 443.
The virtual machines have y.y.y.0/24 addresses inside the host and, accordingly, reach the network through NAT.
What is needed: to separate the traffic of the virtual machines and the host, so that the virtual machines do not see each other and do not see the host.
The situation is complicated by nginx, which routes all web traffic to the virtual machines (and to the host! The host also has web resources). There are many sites, all HTTPS, on one IP, so SNI is needed, i.e. a single nginx is needed.
Question: how do I do this correctly?
I am deliberately not writing out my own thoughts; I have a couple of solutions in mind, but none of them seems quite right...
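
One way to express the isolation the question asks for, as an added example that is not part of the original post: an nftables ruleset in which the host's single nginx can still open connections to the VMs, while the VMs cannot start connections to each other or to the host. The interface names `virbr0` (VM bridge), `vnet*` (VM tap ports) and `eth0` (host uplink), and the use of the host for VM DHCP/DNS, are assumptions.

```nftables
#!/usr/sbin/nft -f
# Added example. Assumed names: virbr0 = bridge the VMs attach to,
# vnet* = per-VM tap ports on that bridge, eth0 = the host's only NIC.

# Layer 2. Frames switched between two VM ports of the same bridge never
# reach the IP forward hook, so VM-to-VM isolation is done in the bridge
# family. Frames addressed to the host itself go to the bridge input hook
# and are not affected by this chain.
table bridge vm_isolation {
    chain forward {
        type filter hook forward priority 0; policy accept;
        iifname "vnet*" oifname "vnet*" drop
    }
}

# Layer 3. Rules key on interfaces, so the x.x.x.1/24 and VM subnet
# placeholders from the question do not need to be filled in.
table inet host_guard {
    chain input {
        type filter hook input priority 0; policy accept;

        # Replies to connections the host opened (nginx proxying to a
        # VM backend) are allowed back in.
        iifname "virbr0" ct state established,related accept

        # Assumption: the host serves DHCP and DNS to the VMs (for example
        # libvirt's dnsmasq). Remove this rule if addresses are static and
        # the VMs use an external resolver.
        iifname "virbr0" udp dport { 53, 67 } accept

        # Everything else a VM tries to start towards the host is
        # dropped, whichever host address it targets.
        iifname "virbr0" drop
    }

    chain forward {
        type filter hook forward priority 0; policy accept;

        # VMs may be routed (and NATed) out through the uplink only.
        iifname "virbr0" oifname != "eth0" drop
    }
}
```

With this layout nginx stays on the host, terminates or routes by SNI, and proxies to each VM's address; the VMs only ever see connections arriving from the host's bridge address.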