I have a question and i dont want to open a ticket for that because it could be like a suggestion if its currently unavailable.
So I'm considering providing public and private address for my VPSes so I made 2 pools (which looks kinda messy in the panel at this time and the sorting is weird i think like 380 IPs in my total pool but i dont mind as long as its working) and i wonder is it possible for them to have some isolation between different clients?
At this point if for example someone get 2 virtual machines, one for web and one for sql it will be common for the client to losen the firewall rules between them on its internal interfaces to ease the communication between them. However if i have another this time abusive client who also get his virtual address and even decide to spoof it somehow or just scan with nmap the internal network he will be able to see these sensitive services and could try to attack them locally (same bridge right?)
is there a way to assign small independent bridges (not whole private network) to different users? i've heard for a project like openvswitch. maybe that could help?