search for: enp1so

...re > addresses. If you set up addresses and then filtering, there's a *very* > brief window where traffic isn't filtered, and that is bad. However, in this case the host won't have addresses on (based on my above correction) either br2 or br3. It does sound, though, like having enp1so, enp1s0.2, and enpe1s0.3 in the 'DMZ' zone means that filtering rules on the host will affect inbound traffic to the VMs on br2 and br3. At least that question is easy to empirically verify, and if so, then it would argue that the three enp1s0* interfaces should be in their own zone, pres...

I'm looking for some information regarding the interaction of KVM, VLANs, firewalld, and the kernel's forwarding configuration. I would appreciate input especially from anyone already running a similar configuration in production. In short, I'm trying to figure out if a current configuration is inadvertently opening up traffic across network segments. On earlier versions of CentOS