6:11 a.m.
This message is in MIME format. Since your mail reader does not
understand
this format, some or all of this message may not be legible.
--B_3550065076_1574590270
Content-type: text/plain;
charset="UTF-8"
Content-transfer-encoding: quoted-printable
Hello,
I have been experimenting with oVirt for the last couple of weeks and I mus=
t say it has a lot of nice features. I really like it, however, I am having=
a heck of a time getting the guest networking all set up correctly. I am ho=
ping that someone can give me a little guidance in figuring this out. I apo=
logize in advance if some of my terminology is off, I am new.
Here is a brief intro to my setup:
I created a Centos 7 VM within a vSphere/ESXI environment and then installe=
d ovirt-engine on it. I also created another Centos 7 VM and set it up as a=
host. I have configured the Cluster and Host via the oVirt Administration =
Portal. For simplicity, I am using the default ovirtmgmt network as my only=
logical network, however I have tried several different schemes with no luc=
k. I have a DHCP server and a DNS server that are siblings to the oVirt hos=
t and the engine. Both the engine and the host have been upgraded to versio=
n 4.0.
The problem:
My thought was that I would have the guest VMs on the oVirt host use my exi=
sting DHCP server to get their IP addresses, at least at first. The problem=
I am having is that the DHCPACK is not making it back across the ovirtmgmt =
bridge and on to the guest. If I tell dhclient(from the guest) to force a B=
roadcast (by using the =E2=80=93B option) on the DHCP server, it will work. This =
is not a solution, just a clue. Another clue is that ARP replies from the g=
ateway don=E2=80=99t make it back to the machine, preventing pings even when I for=
ce the IP. Lastly, If I turn on Port Mirroring, everything works fine, but =
it=E2=80=99s my understanding that this is only for debugging purposes.
What I have tried (in no particular order):
Reading the docs
Turning on VLAN tagging.
Installing the mac-spoofing hook, making the configuration changes to the e=
ngine, and then turning it on in the VM config. I also verified that the =E2=80=
=98filterref=E2=80=99 tag was removed using virsh.
Setting up a second logical network on a different subnet, and connecting i=
t to an additional network interface that I added to the host. On the host,=
I setup dnsmasq as a DNS and DHCP server. I got this working up to the poi=
nt of having the same issues that I was having using the existing DHCP and D=
NS servers on the ovirtmgmt network.
I have tried various changes to iptables as well as the original settings a=
s well as verified that ebtables is not blocking any traffic. I did configu=
re iptables for logging and noticed it was dropping some traffic related to =
DHCP, however it seemed like it was DISCOVER or REQUEST traffic due to the I=
N, OUT, SRC, and DST variables in the log. I have viewed the DHCP server lo=
gs multiple times and I can see that it is receiving the DISCOVER and the RE=
QUEST from my guests MAC and sending the OFFER and ACK consistently.
Setting SELinux to Permissive
Setting ip_forward to 1
Turning STP ON on the bridge
Changing the bridge delay
Setting up a dhcrelay using dnsmasq (not sure I implemented this right thou=
gh)
I am really shooting in the dark when it comes to networking because I am l=
earning a lot of this on the fly. I feel like I must have a misconception =
about how networking should work with oVirt. Is my entire approach na=C3=AFve? =
Any help/guidance that someone could offer would be much appreciated.
Thanks,
Clint
--B_3550065076_1574590270
Content-type: text/html;
charset="UTF-8"
Content-transfer-encoding: quoted-printable
<html><head></head><body style=3D"word-wrap: break-word;
-webkit-nbsp-mode: s=
pace; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size:=
14px; font-family: Calibri,
sans-serif;"><div>Hello,</div><div><br></div><d=
iv>I have been experimenting with oVirt for the last couple of weeks and I m=
ust say it has a lot of nice features. I really like it, however, I am=
having a heck of a time getting the guest networking all set up correctly. =
I am hoping that someone can give me a little guidance in figuring this out.=
I apologize in advance if some of my terminology is off, I am n=
ew.</div><div><br></div><div>Here is a brief intro to my
setup:</div><div>I =
created a Centos 7 VM within a vSphere/ESXI environment and then installed o=
virt-engine on it. I also created another Centos 7 VM and set it up as=
a host. I have configured the Cluster and Host via the oVirt Administ=
ration Portal. For simplicity, I am using the default ovirtmgmt networ=
k as my only logical network, however I have tried several different schemes=
with no luck. I have a DHCP server and a DNS server that are siblings=
to the oVirt host and the engine. Both the engine and the host have b=
een upgraded to version 4.0.</div><div><br></div><div>The
problem:</div><div=
My thought was that I would have the guest VMs on the oVirt host use
my exi=
sting DHCP server to get their IP addresses, at least at first.
The pr=
oblem I am having is that the DHCPACK is not making it back across the ovirt=
mgmt bridge and on to the guest. If I tell dhclient(from the guest) to=
force a Broadcast (by using the –B option) on the DHCP server, it wil=
l work. This is not a solution, just a clue. Another clue is tha=
t ARP replies from the gateway don’t make it back to the machine, prev=
enting pings even when I force the IP. Lastly, If I turn on Port Mirro=
ring, everything works fine, but it’s my understanding that this is on=
ly for debugging purposes.</div><div><br></div><div>What I
have tried (in no=
particular order):</div><ul><li>Reading the
docs</li><li>Turning on VLAN ta=
gging.</li><li>Installing the mac-spoofing hook, making the configuration ch=
anges to the engine, and then turning it on in the VM config. I also v=
erified that the ‘filterref’ tag was removed using
virsh.</li><l=
i>Setting up a second logical network on a different subnet, and connecting =
it to an additional network interface that I added to the host. On the=
host, I setup dnsmasq as a DNS and DHCP server. I got this working up=
to the point of having the same issues that I was having using the existing=
DHCP and DNS servers on the ovirtmgmt network.</li><li>I have tried various=
changes to iptables as well as the original settings as well as verified th=
at ebtables is not blocking any traffic. I did configure iptables for =
logging and noticed it was dropping some traffic related to DHCP, however it=
seemed like it was DISCOVER or REQUEST traffic due to the IN, OUT, SRC, and=
DST variables in the log. I have viewed the DHCP server logs multiple=
times and I can see that it is receiving the DISCOVER and the REQUEST from =
my guests MAC and sending the OFFER and ACK consistently.</li><li>Setting SE=
Linux to Permissive</li><li>Setting ip_forward to
1</li><li>Turning STP ON o=
n the bridge</li><li>Changing the bridge delay</li><li>Setting up
a dhcrelay=
using dnsmasq (not sure I implemented this right
though)</li></ul><div>I am=
really shooting in the dark when it comes to networking because I am learni=
ng a lot of this on the fly. I feel like I must have a misconception =
about how networking should work with oVirt. Is my entire approach na=C3=
=AFve? Any help/guidance that someone could offer would be much appreciated.</=
div><div><br></div><div>Thanks,</div><div>Clint</div><div><br></div><div><br=
</div><div><br></div><div><div
id=3D"MAC_OUTLOOK_SIGNATURE"></div></div></bod=
y></html>
--B_3550065076_1574590270--