Red Squirrel
[H]F Junkie
- Joined
- Nov 29, 2009
- Messages
- 9,211
Now that I have a managed switch one of the nice things is the ability to have vlans. One thing I'd like to do is be able to have VMs on my server that are part of different Vlans. The issue is I only have one network jack on the server and all the slots are used up by the sata controllers. So what if I was to set the server's port as a trunk and configure the vlan interfaces on the server?
Is there security issues with doing this? I would only configure an IP address on the virtual interface that I actually want to be able to access/be accessed, the other virtual network cards would simply act as an interface I can bind to with a VM.
Is it still a risk even if these interfaces are not configured with an IP?
I'm not worried about a potential hacker on that server accessing other vlans but rather the opposite, a potential hacker on one of the less secure vlans accessing the server. Is this something to worry about? I doubt I would even get any hackers or malware on the other vlans, but I like to treat them in a way where if it did happen they would not be able to do much damage. Currently I only have one extra vlan and it's the wifi network, but I may put a public access one too but the firewall would only allow it to access the internet and that's it. Just want to be sure that traffic could not somehow access the other vlans through that server.
Is there security issues with doing this? I would only configure an IP address on the virtual interface that I actually want to be able to access/be accessed, the other virtual network cards would simply act as an interface I can bind to with a VM.
Is it still a risk even if these interfaces are not configured with an IP?
I'm not worried about a potential hacker on that server accessing other vlans but rather the opposite, a potential hacker on one of the less secure vlans accessing the server. Is this something to worry about? I doubt I would even get any hackers or malware on the other vlans, but I like to treat them in a way where if it did happen they would not be able to do much damage. Currently I only have one extra vlan and it's the wifi network, but I may put a public access one too but the firewall would only allow it to access the internet and that's it. Just want to be sure that traffic could not somehow access the other vlans through that server.