I have a physical network ovirtmgmt, and a logical network 10-non-prod with
the vlan tag of 10 and the network label of 10.
The physical and vlan have both been dragged to the enp0 NIC on the host.
What I understand from this is that the bridge has been there all along,
but, since I can't ping the host no traffic is crossing it.
Host IP's : *192.168.2.18/24 <
Regards,
David Johnson
On Tue, Feb 2, 2021 at 12:44 PM Dan Yasny <dyasny(a)gmail.com> wrote:
On Tue, Feb 2, 2021 at 1:38 PM David Johnson <djohnson(a)maxistechnology.com>
wrote:
> Thanks, this is a step closer, but the details are still very sketchy.
>
> Following the instructions at
>
https://www.ovirt.org/documentation/administration_guide/#appe-Custom_Net...
> :
>
> If I understand the instructions correctly:
>
> 1. Open the host in the Ovirt UI
> 2. Go to the Network tab
> 3. Select the NIC I want to bridge to
> 4. Click "Setup Host Networks"
> 5. Click the pencil icon on the (host? VLAN?) network
> 6. Choose the Custom Properties tab
> 7. In the Custom Properties (Please Select a key), choose
> "bridge_opts"
> 8. ???? At this point, there is no way to add the keys it looks like
> it needs ??? Total loss ???
>
>
You need to create a logical network first. Do you have any of those?
Logical networks are where you may add VLAN tags.
In the hosts' network setup window you simply drag the logical network to
the NIC or bond and save. The VLAN tag and bridge will be created
accordingly on the host
>
> Regards,
> David Johnson
> Director of Development, Maxis Technology
> 844.696.2947 ext 702 (o) | 479.531.3590 (c)
> djohnson(a)maxistechnology.com
>
>
> [image: Maxis Techncology] <
http://www.maxistechnology.com>
>
www.maxistechnology.com
>
>
> *stay connected <
http://www.linkedin.com/in/pojoguy>*
>
>
> On Tue, Feb 2, 2021 at 9:24 AM Dan Yasny <dyasny(a)gmail.com> wrote:
>
>>
>>
>> On Tue, Feb 2, 2021 at 10:20 AM David Johnson <
>> djohnson(a)maxistechnology.com> wrote:
>>
>>> This is great ... I am missing the bridge (at least).
>>>
>>> Does the bridge reside on the host or the VM? Is it created in the
>>> Ovirt UI, or in the VM operating system?
>>>
>>
>> On the host. Logical networks in oVirt are a virtual construct,
>> translating to a "profile" that gets built on the hosts in the
cluster.
>> Essentially, each logical network is a bridge with the same name on the
>> hosts, and if there's a vlan tag, then the interface (or bond) gets tagged,
>> and the bridge is built on top of that tagged interface. VMs are plugged
>> into the bridges and their traffic flows through the bridges to the
>> switches. Very simple really, and there was a KB we published about this
>> about a decade ago.
>>
>>
>>>
>>> Thanks!
>>>
>>> David Johnson
>>>
>>> On Tue, Feb 2, 2021 at 9:16 AM Dan Yasny <dyasny(a)gmail.com> wrote:
>>>
>>>>
>>>>
>>>> On Tue, Feb 2, 2021 at 10:06 AM David Johnson <
>>>> djohnson(a)maxistechnology.com> wrote:
>>>>
>>>>> Good morning Ales,
>>>>>
>>>>> Thank you for your response.
>>>>>
>>>>> At this point, while I believe I have marked the networks as
>>>>> required, I am hesitant to assume that they are marked because I
don't
>>>>> understand for sure which pieces I don't understand.
>>>>>
>>>>> Unfortunately, what I am missing is a number of random bits and
>>>>> pieces that tie everything together.
>>>>>
>>>>> I have fought with the networking on this cluster for over a week.
>>>>> The network configuration was so messed up it was faster and cleaner
to
>>>>> wipe the cluster completely and start from scratch, and I just
finished a
>>>>> clean reinstallation.
>>>>>
>>>>> Now that it's back up and I understand it better, the VM's on
VLAN's
>>>>> are still unable to reach beyond themselves - they cannot even ping
the
>>>>> host they are on.
>>>>>
>>>>> Rather than try to address it symptom by symptom, I would like to
get
>>>>> a solid overview of how the different pieces tie together.
Unfortunately,
>>>>> in the official documentation, all I found was which buttons to push
to
>>>>> edit the vlan, with nothing that addresses how the different pieces
are
>>>>> wired together.
>>>>>
>>>>> My understanding of the architecture is:
>>>>>
>>>>> VM -> vNIC -> virtual switch -> physical NIC -> external
network ->
>>>>> gateway -> internet
>>>>>
>>>>
>>>> When you create a tagged network, the scheme changes a bit:
>>>> VM -> vNIC -> BRIDGE -> NIC.tag -> NIC -> switch
>>>>
>>>> All the VM traffic will get tagged this way, and the switch port
>>>> should be in trunk mode allowing tagged traffic through.
>>>>
>>>>
>>>>
>>>>
>>>>>
>>>>> What I don't understand is how to determine at which point in
the
>>>>> architecture the configuration is wrong, when the only symptom I have
for
>>>>> sure right now is that my VM's on a VLAN won't ping the host
or anything on
>>>>> the external network.
>>>>>
>>>>> At one point everything was working as expected, briefly, before the
>>>>> whole thing came crashing down, so the external network is at least
mostly
>>>>> configured.
>>>>>
>>>>> On Tue, Feb 2, 2021, 12:20 AM Ales Musil <amusil(a)redhat.com>
wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Tue, Feb 2, 2021 at 6:18 AM David Johnson <
>>>>>> djohnson(a)maxistechnology.com> wrote:
>>>>>>
>>>>>>> Good morning all,
>>>>>>>
>>>>>>> On my ovirt 4.4.4 cluster, I am trying to use VLan's to
separate
>>>>>>> VM's for security purposes.
>>>>>>>
>>>>>>> Is there a usable how-to document that describes how to
configure
>>>>>>> the vlan's so they actually function without taking the
host into
>>>>>>> non-operational mode?
>>>>>>>
>>>>>>> Thank you in advance.
>>>>>>>
>>>>>>> Regards,
>>>>>>> David Johnson
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Users mailing list -- users(a)ovirt.org
>>>>>>> To unsubscribe send an email to users-leave(a)ovirt.org
>>>>>>> Privacy Statement:
https://www.ovirt.org/privacy-policy.html
>>>>>>> oVirt Code of Conduct:
>>>>>>>
https://www.ovirt.org/community/about/community-guidelines/
>>>>>>> List Archives:
>>>>>>>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/IYPORJKHTSV...
>>>>>>>
>>>>>>
>>>>>> Hello,
>>>>>>
>>>>>> I assume that you have marked those networks as required. This
is
>>>>>> handy to make sure that all hosts in a cluster have this network
attached.
>>>>>> Which implies that the host is considered non operational until
you
>>>>>> assign all required networks.
>>>>>>
>>>>>> To avoid this you can uncheck it for a new network in the
cluster
>>>>>> tab of the "New Logical Network" window. For existing
go to
>>>>>> Compute -> Clusters -> $YOUR_CLUSTER -> Logical Networks
-> Manage
>>>>>> Networks and uncheck required for the affected network.
>>>>>> This can be always changed back.
>>>>>>
>>>>>> Hopefully this helps.
>>>>>> Regards,
>>>>>> Ales
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Ales Musil
>>>>>>
>>>>>> Software Engineer - RHV Network
>>>>>>
>>>>>> Red Hat EMEA <
https://www.redhat.com>
>>>>>>
>>>>>> amusil(a)redhat.com IM: amusil
>>>>>> <
https://red.ht/sig>
>>>>>>
>>>>> _______________________________________________
>>>>> Users mailing list -- users(a)ovirt.org
>>>>> To unsubscribe send an email to users-leave(a)ovirt.org
>>>>> Privacy Statement:
https://www.ovirt.org/privacy-policy.html
>>>>> oVirt Code of Conduct:
>>>>>
https://www.ovirt.org/community/about/community-guidelines/
>>>>> List Archives:
>>>>>
https://lists.ovirt.org/archives/list/users@ovirt.org/message/47JUY2NVTCQ...
>>>>>
>>>>