[ovirt-users] newbie questions on networking

Rue, Randy randyrue at gmail.com
Mon May 7 18:43:51 UTC 2018 

I've sort of had some progress. On Friday I went to the dentist and when 
I returned, my VM could ping google.

I don't believe I changed anything Friday morning but I confess I've 
been flailing on this for so long I'm not keeping detailed notes on what 
I change. And as I'm evaluating oVirt as a possible replacement for our 
production xencenter/xenserver systems, I need to know what was wrong 
and what fixed it.

I reinstalled the ovirt-engine box and two hosts and started again. The 
only change I've made beyond the default is to remove the 
no-mac-spoofing filter from the ovirtmgmt vNIC profile so there are no 
filters applied. At this point I'm back to an ubuntu LTS server VM that 
again, is getting a DHCP IP address, nameserver entries in resolv.conf, 
and "route" shows correct local routing for addresses on the same subnet 
and the correct gateway for the rest of the world. The VM is even 
registering its hostname in our DNS correctly. And I can ping the static 
IP of the host the VM is on, but not the subnet gateway or anything in 
the real world.

Two things I haven't mentioned that I haven't seen anything in the docs 
about. My ovirt-engine box is on a different subnet than my hosts, and 
my hosts are using a bonded pair of physical interfaces (XOR mode) for 
their single LAN connection. Did I miss something in the docs where 
these are a problem?

Dominik, to answer your thoughts earlier:

* name resolution isn't happening at all, the VM can't reach a DNS server

* I don't manage the data center network gear but am pretty sure there's 
no configuration that blocks traffic. This is supported by my temporary 
success on Friday. And we also have other virtualization hosts (VMWare 
hosts) in the same subnet, that forward traffic to/from their VMs just fine.

* tcpdump on the host's ovirtmgmt interface is pretty noisy but if I 
grep for the ubuntu DDNS name I see a slew of ARP requests. I can see 
pings to the host's IP address, and attempts to SSH from the VM to its 
host. Any attempt to touch anything past the host shows nothing on any 
interface in tcpdump, not a ping to the subnet gateway, not an SSH 
attempt, not a DNS query or a ping to known IP address.

* hot damn, here's a clue! I can ping other oVirt hosts! (by IP only) I 
also tried pinging the ovirt-engine box, wasn't surprised when that 
failed as the VM would need to reach the gateway to get to the different 
subnet.

So it appears that even though I've set up the ovirtmgmt network using 
defaults, and it has the "VM Network" option checked, my logical network 
is still set to only allow traffic between the VMs and hosts.

What am I missing?

-randy

More information about the Users mailing list