Mac Filtering in VirtFusion

yusra Member

I have VirtFusion (v4.0.0) set up and running and I want to try nested virtualization with, let's say, Hyper-V. So, I created a server in VirtFusion (let's call it parent-vm) for which I've enabled the VT-x feature.

I've installed Windows Server 2022 on parent-vm, added Hyper-V and finally created a Windows 10 VM in Hyper-V (let's call it child-vm).

Two public IPv4 addresses have been given to the parent-vm and I want to configure it such that parent-vm uses the IPv4-A and child-vm uses IPv4-B.

Setting up virtual switches in Hyper-V and enabling the above networking is not a problem. My problem is what is called IP Anti-Hijacking in VirtFusion. Basically, to prevent the users from accessing any IP in their servers, VirtFusion imposes a kind of MAC filtering such that it restricts access to the network to the predefined MAC addresses only.

All good up to now, but the issue is that there seems to be no way to define/set the MAC address for the second and subsequent public IPs. In other words, the child-vm cannot use IPv4-B because there's no MAC address for it in VirtFusion!

The only solution seems to be disabling the Network Filtering for the parent-vm; then child-vm can actually bind to and use IPv4-B, but as is evident, it's a bad idea because now the user of parent-vm (or child-vm) not only can bind to IPv4-A and IPv4-B, but also can bind to and use any free IP.

Thanked by 1Abd

Comments

  • emgh Member

    I'd tag them, but, I think he'd greatly prefer it if you just create a ticket in their client area. He's usually very helpful, and can prioritize it accordingly.

  • PieHasBeenEaten Member, Host Rep

    Just enable proxy arp.

  • dapavn Member, Patron Provider

    Regarding your issue with IP Anti-Hijacking in VirtFusion, I understand the challenge you're facing with defining MAC addresses for additional public IPs. It seems like there might be limitations within VirtFusion's current setup in this regard.

    One potential workaround could be to explore enabling proxy ARP. Proxy ARP can help route traffic for additional IP addresses through a single MAC address, potentially allowing you to configure the child-vm to use IPv4-B.

    However, if you're unable to find a suitable solution through proxy ARP, it might be worthwhile to consider reaching out to the VirtFusion support team for assistance. They may be able to provide specific guidance or address any limitations in the current setup.

  • FatGrizzly Member, Host Rep

    @dapavn said:
    Regarding your issue with IP Anti-Hijacking in VirtFusion, I understand the challenge you're facing with defining MAC addresses for additional public IPs. It seems like there might be limitations within VirtFusion's current setup in this regard.

    One potential workaround could be to explore enabling proxy ARP. Proxy ARP can help route traffic for additional IP addresses through a single MAC address, potentially allowing you to configure the child-vm to use IPv4-B.

    However, if you're unable to find a suitable solution through proxy ARP, it might be worthwhile to consider reaching out to the VirtFusion support team for assistance. They may be able to provide specific guidance or address any limitations in the current setup.

    Please, No AI shit here.

    Thanked by 3tentor emgh Peppery9
  • VirtFusion

    As it stands, there is no functionality to bind an IP to a specific MAC address. All traffic has to originate from the VM interface MAC.

    You would either need to disable filtering on the VM interface or use some trickery (route/proxy) inside the VM.

  • Abd Member, Patron Provider
    edited March 6

    @VirtFusion said:
    As it stands, there is no functionality to bind an IP to a specific MAC address. All traffic has to originate from the VM interface MAC.

    You would either need to disable filtering on the VM interface or use some trickery (route/proxy) inside the VM.

    Are there plans to add this functionality?

    It will be useful for dedicated servers, where you virtualize a single VM per hypervisor, and the client wants to use multiple IPs.

    We do this for ease of OS management compared to bare-metal IPMI installation; it also provides quick migration in case of hardware failure. Much better than a traditional setup.

  • tentor Member, Patron Provider

    @Abd said: It will be useful for dedicated servers, where you virtualize a single VM per hypervisor, and the client wants to use multiple IPs.

    This is a lot easier with routed configuration. Linux has capabilities to apply filters per interface to prevent IP spoofing and hijacking.
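
The constraint stated in the VirtFusion reply (all traffic must originate from the VM interface MAC) and the per-interface filtering mentioned in the last comment can be modelled as follows. This is an added example, not part of any post and not VirtFusion's code: it parses constructed Ethernet/IPv4/ARP frames and applies a MAC-plus-IP allowlist for one VM interface. All MACs, IPs (documentation ranges) and function names are assumptions made for illustration.

```python
import ipaddress
import struct

VM_MAC = bytes.fromhex("525400aabb01")      # parent-vm interface MAC (constructed)
CHILD_MAC = bytes.fromhex("00155d010203")   # child-vm vNIC MAC (constructed)
GW_MAC = bytes.fromhex("525400000001")      # upstream gateway MAC (constructed)
ALLOWED_IPS = {"192.0.2.10", "192.0.2.11"}  # stand-ins for IPv4-A and IPv4-B

def eth(src_mac, ethertype, payload, dst_mac=GW_MAC):
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload

def ipv4(src, dst="198.51.100.1"):
    # Minimal 20-byte header; checksum left at 0 because the filter ignores it.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)

def arp(sender_mac, sender_ip, target_ip="192.0.2.1", op=1):
    # op=1 request, op=2 reply; 28-byte Ethernet/IPv4 ARP body.
    return struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op, sender_mac,
                       ipaddress.IPv4Address(sender_ip).packed, b"\x00" * 6,
                       ipaddress.IPv4Address(target_ip).packed)

def verdict(frame, vm_mac=VM_MAC, allowed_ips=ALLOWED_IPS):
    """Return (accept, reason) for a frame leaving the VM interface."""
    if len(frame) < 14:
        return False, "truncated ethernet header"
    src_mac = frame[6:12]
    ethertype = int.from_bytes(frame[12:14], "big")
    body = frame[14:]
    if src_mac != vm_mac:
        return False, "source MAC is not the VM interface MAC"
    if ethertype == 0x0800:                  # IPv4: check source address
        if len(body) < 20:
            return False, "truncated IPv4 header"
        src_ip = str(ipaddress.IPv4Address(body[12:16]))
        return src_ip in allowed_ips, f"IPv4 source {src_ip}"
    if ethertype == 0x0806:                  # ARP: check sender MAC and IP
        if len(body) < 28:
            return False, "truncated ARP body"
        sha, spa = body[8:14], str(ipaddress.IPv4Address(body[14:18]))
        if sha != vm_mac:
            return False, "ARP sender MAC is not the VM interface MAC"
        return spa in allowed_ips, f"ARP sender IP {spa}"
    return False, "ethertype outside this IPv4/ARP model"
```

A bridged child-vm frame (`eth(CHILD_MAC, 0x0800, ipv4("192.0.2.11"))`) is dropped on the MAC check even though its IP is assigned, while the same IP sent with `VM_MAC` as source, as happens when the parent routes or proxies for the child, passes; an unassigned source IP is dropped in both cases.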
