On Fri, Dec 27, 2013 at 11:00:15AM +0000, quasides wrote:
> Why not Bridged/routed NAT Setup?

The short answer is that it simply has never been implemented. The
longer answer is about the entrenchment of a network's interface device
in Engine, and the multitude of possible NAT configurations.
It is not easy to define which of the many possible NAT configurations
should be controllable via Engine.

> I am currently heavily using those setups.
> All VMs have an internal NIC, let's say
> physical host1 - 10.10.10.x
> physical host2 - 10.10.11.x
> physical host vpn - 10.10.1.x
> so basically every physical host has at least one physical NIC, one virtual
> VPN NIC, one virtual bridge.
> All those are internally routed (I use OpenVPN to connect host 1 and 2)
> so every VM can communicate with each other VM.
> Every physical host also has NAT to forward one or more IP/ports to each VM.
> Also, the physical host can work as a transparent firewall and I don't need a
> VPN NIC on every VM.
> So what I would love to have is at least the ability to use the VPN network
> interfaces instead of the real one, and at least being able to say that the
> bridge/NAT config is done manually, which is not ideal but better than not
> being able to use that setup at all.

I think that in this regard, you can use my recently-posted "extnet"
Vdsm hook. You should manually create a libvirt NATed network on each
host and then add the "extnet" custom property to vNICs that you want to
be connected to it.
You may use another hook to automate the creation of that libvirt
network. If you provide more details on how you manually configure your
VPN, we may be able to help you write such a hook.
Dan.
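
The manual step mentioned in the reply, creating a libvirt NATed network on each host, could look like the following. This is an added example, not code from the thread or from the extnet hook; the network name, bridge name, `.1` gateway and DHCP range are constructed placeholders, and it assumes `virsh` is run with sufficient privileges on the host.

```shell
#!/bin/sh
# Added example. Names and the DHCP range are constructed placeholders.

# nat_network_xml NAME BRIDGE PREFIX
# PREFIX = first three octets of the host's internal /24, e.g. 10.10.10
nat_network_xml() {
    nn_name=$1 nn_bridge=$2 nn_prefix=$3
    # Values are interpolated into XML, so accept only plain tokens.
    for nn_tok in "$nn_name" "$nn_bridge"; do
        case $nn_tok in
            ''|*[!A-Za-z0-9_-]*) echo "invalid name: $nn_tok" >&2; return 1 ;;
        esac
    done
    # Shape check only: rejects typos such as 10-10.11 before libvirt sees them.
    case $nn_prefix in
        ''|*[!0-9.]*) echo "invalid /24 prefix: $nn_prefix" >&2; return 1 ;;
    esac
    printf '%s\n' "$nn_prefix" | grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){2}$' || {
        echo "invalid /24 prefix: $nn_prefix" >&2; return 1; }
    cat <<EOF
<network>
  <name>${nn_name}</name>
  <forward mode='nat'/>
  <bridge name='${nn_bridge}' stp='on' delay='0'/>
  <ip address='${nn_prefix}.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='${nn_prefix}.100' end='${nn_prefix}.200'/>
    </dhcp>
  </ip>
</network>
EOF
}

# define_nat_network NAME BRIDGE PREFIX
# Registers the network persistently, marks it autostart, and brings it up.
define_nat_network() {
    dn_xml=$(mktemp) || return 1
    if nat_network_xml "$1" "$2" "$3" > "$dn_xml"; then
        virsh net-define "$dn_xml" && virsh net-autostart "$1" && virsh net-start "$1"
        dn_rc=$?
    else
        dn_rc=1
    fi
    rm -f "$dn_xml"
    return "$dn_rc"
}
```

Running `define_nat_network vmnat virbr-nat 10.10.10` on host1 and the same with `10.10.11` on host2 would give each host its own NATed subnet; guests behind it are reachable from outside only through forwards configured on the host.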