[ovirt-users] newbie questions on networking

Mon May 7 22:59:54 UTC 2018

I installed the ovirt node to standalone interfaces, then created the 
bond via the ovirt-node webui at port 9090, before adding the node to 
the cluster.

The DHCP server happens to be in the same subnet but no, I can't ping it 
as I can't ping anything beyond the physical interfaces of the hosts.

I've added a third host and can also ping that from the VM on node 1.

For a hoot also spun up a new CentOS VM in case this was an OS problem. 
Same results. And when the two VMs are on different hosts, they can't 
ping each other. When I migrate one so they're both on the same host, 
they can each ping each other.

On 5/7/2018 1:58 PM, Dominik Holler wrote:
> On Mon, 7 May 2018 11:43:51 -0700
> "Rue, Randy" <randyrue at gmail.com> wrote:
>
>> I've sort of had some progress. On Friday I went to the dentist and
>> when I returned, my VM could ping google.
>>
>> I don't believe I changed anything Friday morning but I confess I've
>> been flailing on this for so long I'm not keeping detailed notes on
>> what I change. And as I'm evaluating oVirt as a possible replacement
>> for our production xencenter/xenserver systems, I need to know what
>> was wrong and what fixed it.
>>
>> I reinstalled the ovirt-engine box and two hosts and started again.
>> The only change I've made beyond the default is to remove the
>> no-mac-spoofing filter from the ovirtmgmt vNIC profile so there are
>> no filters applied. At this point I'm back to an ubuntu LTS server VM
>> that again, is getting a DHCP IP address, nameserver entries in
>> resolv.conf, and "route" shows correct local routing for addresses on
>> the same subnet and the correct gateway for the rest of the world.
>> The VM is even registering its hostname in our DNS correctly. And I
>> can ping the static IP of the host the VM is on, but not the subnet
>> gateway or anything in the real world.
>>
> Can you ping the DHCP server?
>
>> Two things I haven't mentioned that I haven't seen anything in the
>> docs about. My ovirt-engine box is on a different subnet than my
>> hosts, and my hosts are using a bonded pair of physical interfaces
>> (XOR mode) for their single LAN connection.
> Was the bond created before adding the hosts to oVirt, or after adding
> the hosts via oVirt web UI?
> If the switch requires configuration for the bond, is this applied?
> Can you check if the VM can ping the getaway, if you use a simple
> Ethernet connection instead of the bond?
>
>> Did I miss something in the docs where these are a problem?
>>
>> Dominik, to answer your thoughts earlier:
>>
>> * name resolution isn't happening at all, the VM can't reach a DNS
>> server
>>
>> * I don't manage the data center network gear but am pretty sure
>> there's no configuration that blocks traffic. This is supported by my
>> temporary success on Friday. And we also have other virtualization
>> hosts (VMWare hosts) in the same subnet, that forward traffic to/from
>> their VMs just fine.
>>
> OK, L3 seems to work now sometimes.
>
>> * tcpdump on the host's ovirtmgmt interface is pretty noisy but if I
>> grep for the ubuntu DDNS name I see a slew of ARP requests. I can see
>> pings to the host's IP address, and attempts to SSH from the VM to
>> its host. Any attempt to touch anything past the host shows nothing
>> on any interface in tcpdump, not a ping to the subnet gateway, not an
>> SSH attempt, not a DNS query or a ping to known IP address.
>>
> The outgoing ARP requests looks like the traffic of the VM is forwarded
> to ovirtmgmt.
> Do you see ARP reply to the VM?
> Maybe the VM fails to get the MAC address of the gateway.
>
>> * hot damn, here's a clue! I can ping other oVirt hosts! (by IP only)
>> I also tried pinging the ovirt-engine box, wasn't surprised when that
>> failed as the VM would need to reach the gateway to get to the
>> different subnet.
>>
>> So it appears that even though I've set up the ovirtmgmt network
>> using defaults, and it has the "VM Network" option checked, my
>> logical network is still set to only allow traffic between the VMs
>> and hosts.
>>
>> What am I missing?
>>
>> -randy