Good day.

yes the VMs and the firewall on the same L2 network also the firewall is hosted in oVirt along side the VMs, currently there is no external switch connected to the nic and i would like to know if it is possible to pass tag internally.

On Fri, Aug 23, 2019 at 9:21 PM Tony Pearce <tonyppe@gmail.com> wrote:

Have the VM and the firewall on the same L2 network. Configure the VM with a default gateway of the interface of the firewall. 

Is it what you're looking for?

On Fri., 23 Aug. 2019, 21:15 Ernest Clyde Chua, <ernestclydeachua@gmail.com> wrote:

Good day.

sorry if i got you guys confused.

for clarity:

i have a server with two nic, currently one nic is connected to public network and the other one is disconnected.

And i have a vm that will be the firewall of other vm inside this standalone/selfhosted ovirt.

then i am figuring out how can i pass the vlan ids on the vm or is it possible.

On Fri, 23 Aug 2019, 7:46 PM Dominik Holler <dholler@redhat.com> wrote:

On Thu, Aug 22, 2019 at 1:18 PM Miguel Duarte de Mora Barroso <mdbarroso@redhat.com> wrote:

On Wed, Aug 21, 2019 at 9:18 AM <ernestclydeachua@gmail.com> wrote:
>
> good day
> currently i am testing oVirt on a single box and setup some tagged vms and non tagged vm.
> the non tagged vm is a firewall but it has limitations on the number of nic so i cannot attach tagged vnic and wish to handdle vlan tagging on it
>
> is it possible to pass untaged franes internally?

I think it would fallback to the linux bridge default configuration,
which internally tags untagged frames with vlanID 1, and untags them
when exiting the port. Unless I'm wrong (for instance, we change the
bridge defaults), this means you can pass untagged frames through the
bridge.

Adding Edward, to keep me honest.

I am unsure if I got the problem.

If you connect an untagged logical network to a vNIC (virtual NIC of a VM), all untagged Ethernet frames will be forwarded from the host interface (physical NIC or bond).

If no tagged logical network is attached to this host interface, VLAN tag filtering is not activated and even tagged Frames would be forwarded to the vNC.

Does this answer the question?

 

> _______________________________________________
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-leave@ovirt.org
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
> List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/HYFSLS5QM5DKBYWFF44NCB4E3CD5GKH4/
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/ME77W5PLKOQC5U3OXNZE3W7W27ZOPVIP/

_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/UE3XZWUU5UMT4PGN6GEHH4KCAEDT4MN3/