Hello,

I'm trying to setup a new ovirt install and have run into some general issues that I hope someone can help with.

I'm somewhat new to ovirt (but not virtualization).

First off, I've been doing lots of reading and I can't seem to find what the generally accepted method is for firewalling access between networks and VMs is in ovirt?  I see references to network filters, but no obvious ways to set ports or modify the configuration beyond a set list of general good-practice policies (no arp spoofing, etc).

What do people use in a production environment?  Trunk out to an external firewall and do the filtering there?  Run iptables or some rules locally in each VM? Or just run pfSense or other firewall software as another VM and manage it there?

And lastly, I'm trying to setup a new interface using the external ovn provider but am having problems.

I can define the external provider network just fine (not connected to physical network), but can't seem to actually use it.

When I create a new VM and assign the new network to an associated interface, the VM fails to start.

The error I get is:

"VM testvm is down with error. Exit message: Cannot get interface MTU on 'br-int': No such device."

Am I missing something obvious here?

I'm running oVirt 4.2.7 with the latest oVirt Node on a few hosts (also 4.2.7).

All my configuration has been via the web interface so far.

Sincerely,
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/TGPKRCARFQOMQFND5KWGSGLVCEEUO4AV/