[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] VM for WAN connection?

Subject: [ale] VM for WAN connection?
From: agcarver+ale at acarver.net (Alex Carver)
Date: Sat, 26 Sep 2015 10:19:00 -0700
In-reply-to: <CAAt=rgCX778LgKmzVNSdHCJvO-Fc2+mEq6ZwkVEnC-ARkxv1DQ@mail.gmail.com>
References: <CAAt=rgCX778LgKmzVNSdHCJvO-Fc2+mEq6ZwkVEnC-ARkxv1DQ@mail.gmail.com>

On 2015-09-26 09:02, James Sumners wrote:
> Finally got the motherboard in for my home router project. While thinking
> about how I want to do it, I had a thought about the connection to my ISP.
> I'm wondering if it is worth it to isolate that connection in a VM? The VM
> would still be hosted on the "router" system, and the traffic would still
> have to be routed back to the host OS.
> 
> Any opinions? Sound plan or redundant overkill?
> 

Don't bother.  Too much extra overhead and if something with the VM
system fails or is compromised then lots of other problems happen.

Just set the thing up to pass whatever open ports you need straight
through and open the service ports (SSH, etc.) to only the inside
network.  If you need to access the router from the outside, bounce
through an internal machine first instead of allowing a direct
connection to the router.

You could also set the internal service ports to accept connections from
only a select few internal machines.

Follow-Ups:
- [ale] VM for WAN connection?
  - From: james.sumners at gmail.com (James Sumners)

References:
- [ale] VM for WAN connection?
  - From: james.sumners at gmail.com (James Sumners)

Prev by Date: [ale] Autofs mounting issue...
Next by Date: [ale] VOID linux, was: Re: Origins of Linux, do we care?
Previous by thread: [ale] VM for WAN connection?
Next by thread: [ale] VM for WAN connection?
Index(es):
- Date
- Thread