On Mon, 7 May 2018 15:59:54 -0700
"Rue, Randy" <randyrue(a)gmail.com> wrote:
I installed the ovirt node to standalone interfaces, then created the
bond via the ovirt-node webui at port 9090, before adding the node to
the cluster.
I recommend to use oVirt to configure the network interfaces of the
host, whenever possible. So the bond of the host should be configured by
oVirt, but maybe there is an additional configuration on the switch
required, too.
The troubleshooting can be done step by step, to find the action which
breaks the network connection.
1. After the ovirt-node is installed, the network connection of
the host should be verified.
2. After the host is added to oVirt, the network connection of
the host should be verified again.
3. The network connection of a VM running on the host should be
verified.
4. The bond should be configured by oVirt, and the network connection
of the host should be verified again. Maybe there is additional
configuration on the switch required, too.
5. The network connection of a VM running on the host with bond should
be verified, again.
In which step the network connection breaks?
The DHCP server happens to be in the same subnet but no, I can't
ping
it as I can't ping anything beyond the physical interfaces of the
hosts.
Interesting, so DHCP is working for the VM, but not a ping to the DHCP
server?
I've added a third host and can also ping that from the VM on
node 1.
For a hoot also spun up a new CentOS VM in case this was an OS
problem. Same results. And when the two VMs are on different hosts,
they can't ping each other. When I migrate one so they're both on the
same host, they can each ping each other.
On 5/7/2018 1:58 PM, Dominik Holler wrote:
> On Mon, 7 May 2018 11:43:51 -0700
> "Rue, Randy" <randyrue(a)gmail.com> wrote:
>
>> I've sort of had some progress. On Friday I went to the dentist and
>> when I returned, my VM could ping google.
>>
>> I don't believe I changed anything Friday morning but I confess
>> I've been flailing on this for so long I'm not keeping detailed
>> notes on what I change. And as I'm evaluating oVirt as a possible
>> replacement for our production xencenter/xenserver systems, I need
>> to know what was wrong and what fixed it.
>>
>> I reinstalled the ovirt-engine box and two hosts and started again.
>> The only change I've made beyond the default is to remove the
>> no-mac-spoofing filter from the ovirtmgmt vNIC profile so there are
>> no filters applied. At this point I'm back to an ubuntu LTS server
>> VM that again, is getting a DHCP IP address, nameserver entries in
>> resolv.conf, and "route" shows correct local routing for addresses
>> on the same subnet and the correct gateway for the rest of the
>> world. The VM is even registering its hostname in our DNS
>> correctly. And I can ping the static IP of the host the VM is on,
>> but not the subnet gateway or anything in the real world.
>>
> Can you ping the DHCP server?
>
>> Two things I haven't mentioned that I haven't seen anything in the
>> docs about. My ovirt-engine box is on a different subnet than my
>> hosts, and my hosts are using a bonded pair of physical interfaces
>> (XOR mode) for their single LAN connection.
> Was the bond created before adding the hosts to oVirt, or after
> adding the hosts via oVirt web UI?
> If the switch requires configuration for the bond, is this applied?
> Can you check if the VM can ping the getaway, if you use a simple
> Ethernet connection instead of the bond?
>
>> Did I miss something in the docs where these are a problem?
>>
>> Dominik, to answer your thoughts earlier:
>>
>> * name resolution isn't happening at all, the VM can't reach a DNS
>> server
>>
>> * I don't manage the data center network gear but am pretty sure
>> there's no configuration that blocks traffic. This is supported by
>> my temporary success on Friday. And we also have other
>> virtualization hosts (VMWare hosts) in the same subnet, that
>> forward traffic to/from their VMs just fine.
>>
> OK, L3 seems to work now sometimes.
>
>> * tcpdump on the host's ovirtmgmt interface is pretty noisy but if
>> I grep for the ubuntu DDNS name I see a slew of ARP requests. I
>> can see pings to the host's IP address, and attempts to SSH from
>> the VM to its host. Any attempt to touch anything past the host
>> shows nothing on any interface in tcpdump, not a ping to the
>> subnet gateway, not an SSH attempt, not a DNS query or a ping to
>> known IP address.
> The outgoing ARP requests looks like the traffic of the VM is
> forwarded to ovirtmgmt.
> Do you see ARP reply to the VM?
> Maybe the VM fails to get the MAC address of the gateway.
>
>> * hot damn, here's a clue! I can ping other oVirt hosts! (by IP
>> only) I also tried pinging the ovirt-engine box, wasn't surprised
>> when that failed as the VM would need to reach the gateway to get
>> to the different subnet.
>>
>> So it appears that even though I've set up the ovirtmgmt network
>> using defaults, and it has the "VM Network" option checked, my
>> logical network is still set to only allow traffic between the VMs
>> and hosts.
>>
>> What am I missing?
>>
>> -randy