# How secure is KVM/QEMU with guests on different networks?

## 1clue

Hi,

I don't really know where to put this:  I'm trying to plan a lot of new stuff at the same time.  The "stuff" includes:

At least two VM hosts, probably both kvm/qemu.

A bunch of VMs on them, some new some from older equipment.

Multiple networks

VPN endpoint

3 security-oriented switches/firewalls

This sounds more grandiose than it really will be, this is all financed out of pocket.  The VM hosts will be new hardware, there is one existing VM host that will stay.

So the VM hosts are going to be there for redundancy primarily, and maybe security.

I have 4 networks based on security needs:

DMZ: Not completely open, but all externally-accessible boxes -- real or virtual -- are here.

NAT/Wifi: A typical home router, already here.  Hooks into the same router that handles the DMZ and the VPN endpoint.  Can see DMZ by the same rules that external hosts can.

VPN: Public side is the external router, private side is the VPN-accessible network.

Private: Hooks to VPN accessible network, but absolutely nothing can be initiated from outside, and specific rules allowed from inside.

This is going to be a combination of real hardware and virtual hardware:

I was thinking a pre-built pfSense appliance for the external firewall/router, just so I know I have network access somewhere when my compilers blow up.   :Smile: 

I have endless quantities of laptops and phones and TVs and other digital cockroaches.  These all go on the existing home router.

The internal network appliances might be virtual.

A lot of the VPN-accessible network will be virtual.

The private-nothing-in network will have probably one workstation and the VM hosts.

No wireless capability inside the VPN or private network.

VM hosts donate all physical NICs to routers.

VM hosts have a simple virtual connection to the private network and therefore through to the Internet for software updates and the like.

NICs (both physical and virtual) are VLAN (802.1Q) aware for networking entities. (router/firewall/switch)

So finally my questions are regarding VLAN-aware VM hosts (802.1Q) which have guests on multiple networks:

Are there security concerns from having VMs from different networks on the same physical host?  Meaning, memory sharing, exploits related to KVM/Qemu?

Are there security concerns for virtual networking hardware other than the concerns that would exist were the hardware physical?

I would much rather have a really good README that's pertinent to these questions than having everyone try to solve my problem for me.

There are lots more questions, but I think this is enough for one post.

Thanks in advance.

----------

## Januszzz

A readme you say. I would look at Ganeti mailing list, there were some great network setups and they should be aware of any security issues they may arise around.

So THATS a README  :Smile: 

Apart of your setup, ganeti is good option, but there should have been at least three nodes to feel comfortable ( my opinion only).

----------

## 1clue

I'll take a look at Ganeti.

Three VM hosts seems to be a magic number, leaving you with satisfactory performance when one goes down.

I already have a 1st-gen i7 that's a VM host.  I think that's going to be the third node.  I'm hoping to get two in quick succession or simultaneously that I mentioned in this project, and then use the older i7 as a backup/miscellaneous box.

Thanks.

----------

