OpenVZ provides you to use either [[venetveth]] (Virtual eTHernet) or [[vethvenet]] (Virtual NETwork) devices (or both) for in-[[VECT]] networking. Here we describe the differences between those devices.

* ''veth '' allows broadcasts in VECT, so you can use even a DHCP server inside a VECT, or a samba server with domain broadcasts or other such stuff.* ''veth '' has some security implications, so is not recommended in untrusted environments like HSP. This is due to broadcasts, traffic sniffing, possible IP collisions etc. i.e. VE CT's user can actually ruin your ethernet network with such direct access to ethernet layer.* With venet ''veth'' device, only node administrator can assign an IP to a VECT. With ''veth '' device, network settings can be fully done on VE CT side. VE CT should setup correct gateway, IP/netmask etc. and then a [[HN|node]] admin can only choose where your traffic goes.* ''veth '' devices can be bridged together and/or with other devices. For example, in host system admin can bridge ''veth '' from 2 VEs CTs with some VLAN eth0.X. In this case, these 2 VEs CTs will be connected to this VLAN.* venet ''veth'' device is a bit faster and more efficient.* With ''veth '' devices, IPv6 auto generates an address from MAC.

! Feature !! [[veth ]] !! [[venet]]

! Broadcasts inside VECT