Looks like the physical interface on the host and the virtual interface
on the VM are both at the default 1500 MTU.
How can I determine the MTU setting for the physical switches without
admin access to them? Or do I need to ask the network team?
On 5/7/2018 2:03 PM, Clint Boggio wrote:
Randy this flaky layer two problem reeks of a possible MTU situation
between your oVirt switches and your physical switches.
> On May 7, 2018, at 3:59 PM, Dominik Holler <dholler(a)redhat.com> wrote:
>
> On Mon, 7 May 2018 11:43:51 -0700
> "Rue, Randy" <randyrue(a)gmail.com> wrote:
>
>> I've sort of had some progress. On Friday I went to the dentist and
>> when I returned, my VM could ping google.
>>
>> I don't believe I changed anything Friday morning but I confess I've
>> been flailing on this for so long I'm not keeping detailed notes on
>> what I change. And as I'm evaluating oVirt as a possible replacement
>> for our production xencenter/xenserver systems, I need to know what
>> was wrong and what fixed it.
>>
>> I reinstalled the ovirt-engine box and two hosts and started again.
>> The only change I've made beyond the default is to remove the
>> no-mac-spoofing filter from the ovirtmgmt vNIC profile so there are
>> no filters applied. At this point I'm back to an ubuntu LTS server VM
>> that again, is getting a DHCP IP address, nameserver entries in
>> resolv.conf, and "route" shows correct local routing for addresses on
>> the same subnet and the correct gateway for the rest of the world.
>> The VM is even registering its hostname in our DNS correctly. And I
>> can ping the static IP of the host the VM is on, but not the subnet
>> gateway or anything in the real world.
>>
> Can you ping the DHCP server?
>
>> Two things I haven't mentioned that I haven't seen anything in the
>> docs about. My ovirt-engine box is on a different subnet than my
>> hosts, and my hosts are using a bonded pair of physical interfaces
>> (XOR mode) for their single LAN connection.
> Was the bond created before adding the hosts to oVirt, or after adding
> the hosts via oVirt web UI?
> If the switch requires configuration for the bond, is this applied?
> Can you check if the VM can ping the getaway, if you use a simple
> Ethernet connection instead of the bond?
>
>> Did I miss something in the docs where these are a problem?
>>
>> Dominik, to answer your thoughts earlier:
>>
>> * name resolution isn't happening at all, the VM can't reach a DNS
>> server
>>
>> * I don't manage the data center network gear but am pretty sure
>> there's no configuration that blocks traffic. This is supported by my
>> temporary success on Friday. And we also have other virtualization
>> hosts (VMWare hosts) in the same subnet, that forward traffic to/from
>> their VMs just fine.
>>
> OK, L3 seems to work now sometimes.
>
>> * tcpdump on the host's ovirtmgmt interface is pretty noisy but if I
>> grep for the ubuntu DDNS name I see a slew of ARP requests. I can see
>> pings to the host's IP address, and attempts to SSH from the VM to
>> its host. Any attempt to touch anything past the host shows nothing
>> on any interface in tcpdump, not a ping to the subnet gateway, not an
>> SSH attempt, not a DNS query or a ping to known IP address.
>>
> The outgoing ARP requests looks like the traffic of the VM is forwarded
> to ovirtmgmt.
> Do you see ARP reply to the VM?
> Maybe the VM fails to get the MAC address of the gateway.
>
>> * hot damn, here's a clue! I can ping other oVirt hosts! (by IP only)
>> I also tried pinging the ovirt-engine box, wasn't surprised when that
>> failed as the VM would need to reach the gateway to get to the
>> different subnet.
>>
>> So it appears that even though I've set up the ovirtmgmt network
>> using defaults, and it has the "VM Network" option checked, my
>> logical network is still set to only allow traffic between the VMs
>> and hosts.
>>
>> What am I missing?
>>
>> -randy
> _______________________________________________
> Users mailing list
> Users(a)ovirt.org
>
http://lists.ovirt.org/mailman/listinfo/users
>