Hi,
and thanks for your effort.
The root cause for this was found with help
via IRC from apuimedo (Thanks again!)
ovirt utilizes libvirt for the network
qos, which just sets it for "protocol ip"
and not for the whole device.
This leads to unrestricted IPv6 traffic outbound.
I'm currently trying to write a hook
to alter the tc filters for the vms, so
they get per device restricted rather than
per protocol (which makes no sense at all TBH).
When I got the time I'll file a BZ too.
Thank you very, very much again, apuimedo
for pushing me in the right direction
and even proposing a solution!
Am 03.04.2014 19:50, schrieb Gilad Chaplik:
Hi Sven,
disclaimer, not familiar with this feature that much (although I should), looks like the
problem is in libvirt (according to your story).
googling 'outbound libvirt not working' shows that you're not the only one
:)
http://www.redhat.com/archives/libvir-list/2011-August/msg00341.html
http://www.redhat.com/archives/libvir-list/2012-June/msg01306.html
Thanks,
Gilad.
--
Mit freundlichen Grüßen / Regards
Sven Kieske
Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +49-5772-293-100
F: +49-5772-293-333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen