First of all, I’m going to explain my OpenNebula configuration and, later, I will explain what I need.
I have only one server that acts as OpenNebula-server and OpenNebula-kvm-node. It has 4 NICs but only 1 is connected to the physical switch.
I have configured the network with eth0 attached to bridge br0 (I’m using Linux bridges, not Open vSwitch). This “br0” is configured with my public IP address and, then, I have created 3 more bridges (br0:1, br0:2 and br0:3), each of them with a private IP address from my three OpenNebula private networks. So my server has 4 IPs configured.
Each private network, during its configuration in OpenNebula, was attached to the “br0” device, not a “br0:X” device (parameter “BRIDGE”), but I have not configured the “PHYDEV” parameter of each private network (nor of the public network).
In my scenario, several users need to use these three private networks. They are not able to create networks, so they can ONLY use the three I have created as “oneadmin”.
But now, I have got this problem: machine 1 of user A in private network #1 can ping machine 1 of user B in the same private network #1 because both machines are attached to the same network. So, could I configure OpenNebula private networks or bridges to isolate this traffic?
Thanks a lot!!!