On Dec 3, 2016 11:18 PM, "Chris Cowley" <chris@chriscowley.me.uk> wrote:

Evening all

I am struggling to get VMs on a tagged VLAN with oVirt to communicate
with a physical machine that is 'untagged' on that VLAN.

This VLAN is tagged on the port for my ovirt host, and any VMs attached
to that network work perfectly within oVirt (single host). On that host
I have added an IP on that VLAN too.

On a couple of host other physical machines, it is connected on to that
VLAN untagged and another is on it tagged. They communicate fine, and
also with the oVirt host on that VLAN. No traffic goes to or from the
VMs however.

https://www.draw.io/i/EiXgaUi

As my switch is doing tagging/untagging should I be importing the
network? If that is the case, err, how?

When you define a VM network in ovirt, it either globally has a vlan tag, or has not. This cannot be con trolled per host.

However, you could set a before-network-setup vdsm hook. When Engine asks the host to create a tagged network, the hook would modify the request to an untagged network.

Then, traffic from vms running on that host would be tagged only by the switch (I assume that now it ends up q-in-q).

If you end up writing this hook, please share it with us. You can look into vdsm-hook-fcoe for a (completely different) network hook.