6,534
edits
Changes
HSP -> hosting
* ''veth'' allows broadcasts in CT, so you can use even a DHCP server inside a CT, or a samba server with domain broadcasts or other such stuff.
* ''veth'' has some security implications, so is not recommended in untrusted environments like HSPfor hosting. This is due to broadcasts, traffic sniffing, possible IP collisions etc. i.e. CT's user can actually ruin your ethernet network with such direct access to ethernet layer.
* With ''venet'' device, only OpenVZ host node administrator can assign an IP to a CT. With ''veth'' device, network settings can be fully done on CT side by the CT administrator. CT should setup correct gateway, IP/netmask etc. and then a [[HN|node]] admin can only choose where your traffic goes.
* ''veth'' devices can be bridged together and/or with other devices. For example, in host system admin can bridge ''veth'' from 2 CTs with some VLAN eth0.X. In this case, these 2 CTs will be connected to this VLAN.
