This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible.
My thought was that I would have the guest VMs on the oVirt host use my exi= sting DHCP server to get their IP addresses, at least at first. The pr= oblem I am having is that the DHCPACK is not making it back across the ovirt= mgmt bridge and on to the guest. If I tell dhclient(from the guest) to= force a Broadcast (by using the –B option) on the DHCP server, it wil= l work. This is not a solution, just a clue. Another clue is tha= t ARP replies from the gateway don’t make it back to the machine, prev= enting pings even when I force the IP. Lastly, If I turn on Port Mirro= ring, everything works fine, but it’s my understanding that this is on= ly for debugging purposes.</div><div><br></div><div>What I have tried (in no=
--B_3550065076_1574590270 Content-type: text/plain; charset="UTF-8" Content-transfer-encoding: quoted-printable Hello, I have been experimenting with oVirt for the last couple of weeks and I mus= t say it has a lot of nice features. I really like it, however, I am having= a heck of a time getting the guest networking all set up correctly. I am ho= ping that someone can give me a little guidance in figuring this out. I apo= logize in advance if some of my terminology is off, I am new. Here is a brief intro to my setup: I created a Centos 7 VM within a vSphere/ESXI environment and then installe= d ovirt-engine on it. I also created another Centos 7 VM and set it up as a= host. I have configured the Cluster and Host via the oVirt Administration = Portal. For simplicity, I am using the default ovirtmgmt network as my only= logical network, however I have tried several different schemes with no luc= k. I have a DHCP server and a DNS server that are siblings to the oVirt hos= t and the engine. Both the engine and the host have been upgraded to versio= n 4.0. The problem: My thought was that I would have the guest VMs on the oVirt host use my exi= sting DHCP server to get their IP addresses, at least at first. The problem= I am having is that the DHCPACK is not making it back across the ovirtmgmt = bridge and on to the guest. If I tell dhclient(from the guest) to force a B= roadcast (by using the =E2=80=93B option) on the DHCP server, it will work. This = is not a solution, just a clue. Another clue is that ARP replies from the g= ateway don=E2=80=99t make it back to the machine, preventing pings even when I for= ce the IP. Lastly, If I turn on Port Mirroring, everything works fine, but = it=E2=80=99s my understanding that this is only for debugging purposes. What I have tried (in no particular order): Reading the docs Turning on VLAN tagging. Installing the mac-spoofing hook, making the configuration changes to the e= ngine, and then turning it on in the VM config. I also verified that the =E2=80= =98filterref=E2=80=99 tag was removed using virsh. Setting up a second logical network on a different subnet, and connecting i= t to an additional network interface that I added to the host. On the host,= I setup dnsmasq as a DNS and DHCP server. I got this working up to the poi= nt of having the same issues that I was having using the existing DHCP and D= NS servers on the ovirtmgmt network. I have tried various changes to iptables as well as the original settings a= s well as verified that ebtables is not blocking any traffic. I did configu= re iptables for logging and noticed it was dropping some traffic related to = DHCP, however it seemed like it was DISCOVER or REQUEST traffic due to the I= N, OUT, SRC, and DST variables in the log. I have viewed the DHCP server lo= gs multiple times and I can see that it is receiving the DISCOVER and the RE= QUEST from my guests MAC and sending the OFFER and ACK consistently. Setting SELinux to Permissive Setting ip_forward to 1 Turning STP ON on the bridge Changing the bridge delay Setting up a dhcrelay using dnsmasq (not sure I implemented this right thou= gh) I am really shooting in the dark when it comes to networking because I am l= earning a lot of this on the fly. I feel like I must have a misconception = about how networking should work with oVirt. Is my entire approach na=C3=AFve? = Any help/guidance that someone could offer would be much appreciated. Thanks, Clint --B_3550065076_1574590270 Content-type: text/html; charset="UTF-8" Content-transfer-encoding: quoted-printable <html><head></head><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: s= pace; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size:= 14px; font-family: Calibri, sans-serif;"><div>Hello,</div><div><br></div><d= iv>I have been experimenting with oVirt for the last couple of weeks and I m= ust say it has a lot of nice features. I really like it, however, I am= having a heck of a time getting the guest networking all set up correctly. = I am hoping that someone can give me a little guidance in figuring this out.= I apologize in advance if some of my terminology is off, I am n= ew.</div><div><br></div><div>Here is a brief intro to my setup:</div><div>I = created a Centos 7 VM within a vSphere/ESXI environment and then installed o= virt-engine on it. I also created another Centos 7 VM and set it up as= a host. I have configured the Cluster and Host via the oVirt Administ= ration Portal. For simplicity, I am using the default ovirtmgmt networ= k as my only logical network, however I have tried several different schemes= with no luck. I have a DHCP server and a DNS server that are siblings= to the oVirt host and the engine. Both the engine and the host have b= een upgraded to version 4.0.</div><div><br></div><div>The problem:</div><div= particular order):</div><ul><li>Reading the docs</li><li>Turning on VLAN ta= gging.</li><li>Installing the mac-spoofing hook, making the configuration ch= anges to the engine, and then turning it on in the VM config. I also v= erified that the ‘filterref’ tag was removed using virsh.</li><l= i>Setting up a second logical network on a different subnet, and connecting = it to an additional network interface that I added to the host. On the= host, I setup dnsmasq as a DNS and DHCP server. I got this working up= to the point of having the same issues that I was having using the existing= DHCP and DNS servers on the ovirtmgmt network.</li><li>I have tried various= changes to iptables as well as the original settings as well as verified th= at ebtables is not blocking any traffic. I did configure iptables for = logging and noticed it was dropping some traffic related to DHCP, however it= seemed like it was DISCOVER or REQUEST traffic due to the IN, OUT, SRC, and= DST variables in the log. I have viewed the DHCP server logs multiple= times and I can see that it is receiving the DISCOVER and the REQUEST from = my guests MAC and sending the OFFER and ACK consistently.</li><li>Setting SE= Linux to Permissive</li><li>Setting ip_forward to 1</li><li>Turning STP ON o= n the bridge</li><li>Changing the bridge delay</li><li>Setting up a dhcrelay= using dnsmasq (not sure I implemented this right though)</li></ul><div>I am= really shooting in the dark when it comes to networking because I am learni= ng a lot of this on the fly. I feel like I must have a misconception = about how networking should work with oVirt. Is my entire approach na=C3= =AFve? Any help/guidance that someone could offer would be much appreciated.</= div><div><br></div><div>Thanks,</div><div>Clint</div><div><br></div><div><br=
</div><div><br></div><div><div id=3D"MAC_OUTLOOK_SIGNATURE"></div></div></bod= y></html>
--B_3550065076_1574590270--