Port security requires subnets.
Can you please ensure that you used an external network with port security explicitly disabled?
In doubt, please create a new external network with port security explicitly disabled and try again with the new network?

On Tue, Mar 31, 2020 at 2:16 PM Tommaso - Shellrent <tommaso@shellrent.com> wrote:

This is what i've got:



ovs-vsctl show
03a038d4-e81c-45e0-94d1-6f18d6504f1f
    Bridge br-int
        fail_mode: secure
        Port "ovn-765f43-0"
            Interface "ovn-765f43-0"
                type: geneve
                options: {csum="true", key=flow, remote_ip="xxx.169.yy.6"}
        Port br-int
            Interface br-int
                type: internal
        Port "vnet1"
            Interface "vnet1"
        Port "ovn-b33f6e-0"
            Interface "ovn-b33f6e-0"
                type: geneve
                options: {csum="true", key=flow, remote_ip="xxx.169.yy.2"}
        Port "vnet3"
            Interface "vnet3"
        Port "ovn-8678d9-0"
            Interface "ovn-8678d9-0"
                type: geneve
                options: {csum="true", key=flow, remote_ip="xxx.169.yy.8"}
        Port "ovn-fdd090-0"
            Interface "ovn-fdd090-0"
                type: geneve
                options: {csum="true", key=flow, remote_ip="xxx.169.yy.4"}
    ovs_version: "2.11.0"


I suppose that the vnic are:
Port "vnet1"
            Interface "vnet1"
Port "vnet3"
            Interface "vnet3"




on the engine:
ovn-nbctl show
switch a1f30e99-3ab7-46a4-925d-287871905cab (ovirt-local_network_definitiva-d58aea97-bb20-4e8f-bcc3-5277754846bb)
    port b82f3479-b459-4c26-aff0-053d15c74ddd
        addresses: ["56:6f:96:b1:00:4c"]
    port 52f09a28-1645-45ff-9b84-1e53a81bb399
        addresses: ["56:6f:96:b1:00:4b"]


ovn-sbctl show

Chassis "ab5bdfdd-8df4-4e9b-9ce9-565cfd513a4d"
    hostname: "pvt-41f18-002.serverlet.com"
    Encap geneve
        ip: "aaa.31.bbb.224"
        options: {csum="true"}
    Port_Binding "b82f3479-b459-4c26-aff0-053d15c74ddd"
    Port_Binding "52f09a28-1645-45ff-9b84-1e53a81bb399"


Il 31/03/20 13:39, Staniforth, Paul ha scritto:
The engine runs the controller so ovn-sbctl won't work, on the hosts, use ovs-vsctl show

Paul S.
From: Tommaso - Shellrent <tommaso@shellrent.com>
Sent: 31 March 2020 12:13
To: Staniforth, Paul <P.Staniforth@leedsbeckett.ac.uk>; users@ovirt.org <users@ovirt.org>
Subject: Re: [ovirt-users] Local network
 

Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe.

Hi.

 on engine all seems fine.

on host the command "ovn-sbctl show" is stuck, and with a strace a se the following error:


connect(5, {sa_family=AF_LOCAL, sun_path="/var/run/openvswitch/ovnsb_db.sock"}, 37) = -1 ENOENT (No such file or directory)






Il 31/03/20 11:18, Staniforth, Paul ha scritto:

.Hello Tommaso,
                           on your oVirt engine host run
check the north bridge controller
ovn-nbctl show
this should show a software switch for each ovn logical network witch any ports that are active( in your case you should have 2)

check the south bridge controller
ovn-sbctl show
this should show the software switch on each host with a geneve tunnel.

on each host run
ovs-vsctl show
this should show the virtual switch with a geneve tunnel to each other host and a port for any active vnics

Regards,
                Paul S.

From: Tommaso - Shellrent <tommaso@shellrent.com>
Sent: 31 March 2020 09:27
To: users@ovirt.org <users@ovirt.org>
Subject: [ovirt-users] Local network
 

Caution External Mail: Do not click any links or open any attachments unless you trust the sender and know that the content is safe.

Hi to all.

   I'm trying to connect two vm, on the same "local storage" host, with an internal isolated network.

My setup;

VM A:

  • eth0 with an external ip
  • eth1, with 1922.168.1.1/24

VM B

  • eth0 with an external ip
  • eth1, with 1922.168.1.2/24

the eth1 interfaces are connetter by a network created on external provider ovirt-network-ovn , whithout a subnet defined.

Now, the external ip works fine, but the two vm cannot connect through the local network

ping: ko
arping: ko


any idea to what to check?


Regards

--
--    
Shellrent - Il primo hosting italiano Security First
Tommaso De Marchi
COO - Chief Operating Officer
Shellrent Srl
Via dell'Edilizia, 19 - 36100 Vicenza
Tel. 0444321155 | Fax 04441492177
To view the terms under which this email is distributed, please go to:-
http://leedsbeckett.ac.uk/disclaimer/email/
--
--    
Shellrent - Il primo hosting italiano Security First
Tommaso De Marchi
COO - Chief Operating Officer
Shellrent Srl
Via dell'Edilizia, 19 - 36100 Vicenza
Tel. 0444321155 | Fax 04441492177
To view the terms under which this email is distributed, please go to:-
http://leedsbeckett.ac.uk/disclaimer/email/
--
--    
Shellrent - Il primo hosting italiano Security First
Tommaso De Marchi
COO - Chief Operating Officer
Shellrent Srl
Via dell'Edilizia, 19 - 36100 Vicenza
Tel. 0444321155 | Fax 04441492177
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/Y7KU2IVEHXHX3PB24KLSVSJUSOVH5S62/