DHCP Client in Guest VM does not work on ovirtmgmt
Hello, Is there any special config to usage dhcp client on Guest VM using ovirtmgmt/ovirtmgmt vnic profile ? Currently I have a VM using the ovirtmgmt/ovirtmgmt NIC profile and this interface is configured as DHCP client, and this does not work when using ovirtmgmt/ovirtmgmt as NIC profile. But if I assign manual IP address from the same range of DHCP server the comunication it works. And If usage other NIC profile in other VLAN with other DHCP server it works. It seems ovirtmgmt/ovirtmgmt profile filter the DHCP protocol. Could someone has idea to allow DHCP protocol works on ovirtmgmt/ovirtmgmt NIC profile? Best regards Carlos
Only to increase the details? With tcpdump on ovirt node it seems that DHCP is pass by interfaces [root@srv-virt8 ~]# tcpdump -i any -pvn port 67 and port 68 tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes 16:16:52.605855 ethertype IPv4, IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 172.20.0.254.bootps > 172.20.0.228.bootpc: BOOTP/DHCP, Reply, length 300, xid 0x2f8f346e, Flags [none] Your-IP 172.20.0.228 Client-Ethernet-Address 56:6f:a5:6a:00:06 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Offer Server-ID Option 54, length 4: 172.20.0.254 Lease-Time Option 51, length 4: 7200 Subnet-Mask Option 1, length 4: 255.255.255.0 Default-Gateway Option 3, length 4: 172.20.0.254 Domain-Name Option 15, length 19: "mydomain.com" Domain-Name-Server Option 6, length 4: 172.20.0.254 16:16:52.605855 ethertype IPv4, IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 172.20.0.254.bootps > 172.20.0.228.bootpc: BOOTP/DHCP, Reply, length 300, xid 0x2f8f346e, Flags [none] Your-IP 172.20.0.228 Client-Ethernet-Address 56:6f:a5:6a:00:06 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Offer Server-ID Option 54, length 4: 172.20.0.254 Lease-Time Option 51, length 4: 7200 Subnet-Mask Option 1, length 4: 255.255.255.0 Default-Gateway Option 3, length 4: 172.20.0.254 Domain-Name Option 15, length 19: "mydomain.com" Domain-Name-Server Option 6, length 4: 172.20.0.254 16:16:52.605855 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 172.20.0.254.bootps > 172.20.0.228.bootpc: BOOTP/DHCP, Reply, length 300, xid 0x2f8f346e, Flags [none] Your-IP 172.20.0.228 Client-Ethernet-Address 56:6f:a5:6a:00:06 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Offer Server-ID Option 54, length 4: 172.20.0.254 Lease-Time Option 51, length 4: 7200 Subnet-Mask Option 1, length 4: 255.255.255.0 Default-Gateway Option 3, length 4: 172.20.0.254 Domain-Name Option 15, length 19: "mydomain.com" Domain-Name-Server Option 6, length 4: 172.20.0.254
I'm having the same problem :( My guest vms with nick profile on ovirtmgm does not get address by dhcp client. How can I fix it? cheers im
FYI my tcpdump show the same result as you posted. But the guest vm no receive the address. Any idea:?
Hi Dominik, Im my case, I dont have filter definied on ovirtmgmt vNIC profile, but with or without filter (even VM is stoped) the DHCP does not work. it follow the tcpdump from VM =============================== 12:09:55.868278 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 56:6f:a5:6a:00:00, length 300, xid 0xdfacfc49, Flags [none] Client-Ethernet-Address 56:6f:a5:6a:00:00 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Hostname Option 12, length 4: "MyVM" Parameter-Request Option 55, length 13: Subnet-Mask, BR, Time-Zone, Default-Gateway Domain-Name, Domain-Name-Server, Option 119, Hostname Netbios-Name-Server, Netbios-Scope, MTU, Classless-Static-Route NTP 12:09:55.868295 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 56:6f:a5:6a:00:00, length 300, xid 0xdfacfc49, Flags [none] Client-Ethernet-Address 56:6f:a5:6a:00:00 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Hostname Option 12, length 4: "MyVM" Parameter-Request Option 55, length 13: Subnet-Mask, BR, Time-Zone, Default-Gateway Domain-Name, Domain-Name-Server, Option 119, Hostname Netbios-Name-Server, Netbios-Scope, MTU, Classless-Static-Route NTP 12:09:59.387465 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 56:6f:a5:6a:00:00, length 300, xid 0xdfacfc49, secs 4, Flags [none] Client-Ethernet-Address 56:6f:a5:6a:00:00 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Hostname Option 12, length 4: "MyVM" Parameter-Request Option 55, length 13: Subnet-Mask, BR, Time-Zone, Default-Gateway Domain-Name, Domain-Name-Server, Option 119, Hostname Netbios-Name-Server, Netbios-Scope, MTU, Classless-Static-Route NTP 12:09:59.387596 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 56:6f:a5:6a:00:00, length 300, xid 0xdfacfc49, secs 4, Flags [none] Client-Ethernet-Address 56:6f:a5:6a:00:00 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Hostname Option 12, length 4: "MyVM" Parameter-Request Option 55, length 13: Subnet-Mask, BR, Time-Zone, Default-Gateway Domain-Name, Domain-Name-Server, Option 119, Hostname Netbios-Name-Server, Netbios-Scope, MTU, Classless-Static-Route NTP 12:09:59.387615 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 56:6f:a5:6a:00:00, length 300, xid 0xdfacfc49, secs 4, Flags [none] Client-Ethernet-Address 56:6f:a5:6a:00:00 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Hostname Option 12, length 4: "MyVM" Parameter-Request Option 55, length 13: Subnet-Mask, BR, Time-Zone, Default-Gateway Domain-Name, Domain-Name-Server, Option 119, Hostname Netbios-Name-Server, Netbios-Scope, MTU, Classless-Static-Route NTP 12:09:59.506976 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 56:6f:a5:6a:00:06, length 300, xid 0xb1f42538, secs 60, Flags [none] Client-Ethernet-Address 56:6f:a5:6a:00:06 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Client-ID Option 61, length 7: ether 56:6f:a5:6a:00:06 Hostname Option 12, length 8: "MyROuter" Parameter-Request Option 55, length 10: Subnet-Mask, BR, Time-Zone, Classless-Static-Route Default-Gateway, Domain-Name, Domain-Name-Server, Hostname Option 119, MTU 12:09:59.507009 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 56:6f:a5:6a:00:06, length 300, xid 0xb1f42538, secs 60, Flags [none] Client-Ethernet-Address 56:6f:a5:6a:00:06 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Client-ID Option 61, length 7: ether 56:6f:a5:6a:00:06 Hostname Option 12, length 8: "MyROuter" Parameter-Request Option 55, length 10: Subnet-Mask, BR, Time-Zone, Classless-Static-Route Default-Gateway, Domain-Name, Domain-Name-Server, Hostname Option 119, MTU 12:09:59.507016 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 56:6f:a5:6a:00:06, length 300, xid 0xb1f42538, secs 60, Flags [none] Client-Ethernet-Address 56:6f:a5:6a:00:06 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Client-ID Option 61, length 7: ether 56:6f:a5:6a:00:06 Hostname Option 12, length 8: "MyROuter" Parameter-Request Option 55, length 10: Subnet-Mask, BR, Time-Zone, Classless-Static-Route Default-Gateway, Domain-Name, Domain-Name-Server, Hostname Option 119, MTU 12:10:02.607204 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 56:6f:a5:6a:00:05, length 300, xid 0x1224b282, secs 48, Flags [none] Client-Ethernet-Address 56:6f:a5:6a:00:05 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Client-ID Option 61, length 7: ether 56:6f:a5:6a:00:05 Hostname Option 12, length 8: "MyROuter" Parameter-Request Option 55, length 10: Subnet-Mask, BR, Time-Zone, Classless-Static-Route Default-Gateway, Domain-Name, Domain-Name-Server, Hostname Option 119, MTU 12:10:02.607247 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 56:6f:a5:6a:00:05, length 300, xid 0x1224b282, secs 48, Flags [none] Client-Ethernet-Address 56:6f:a5:6a:00:05 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Client-ID Option 61, length 7: ether 56:6f:a5:6a:00:05 Hostname Option 12, length 8: "MyROuter" Parameter-Request Option 55, length 10: Subnet-Mask, BR, Time-Zone, Classless-Static-Route Default-Gateway, Domain-Name, Domain-Name-Server, Hostname Option 119, MTU 12:10:02.607255 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 56:6f:a5:6a:00:05, length 300, xid 0x1224b282, secs 48, Flags [none] Client-Ethernet-Address 56:6f:a5:6a:00:05 Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Client-ID Option 61, length 7: ether 56:6f:a5:6a:00:05 Hostname Option 12, length 8: "MyROuter" Parameter-Request Option 55, length 10: Subnet-Mask, BR, Time-Zone, Classless-Static-Route Default-Gateway, Domain-Name, Domain-Name-Server, Hostname Option 119, MTU
Currently the vNIC profile is withou filter https://pasteboard.co/IEddhcC.png
Hi, any suggestion about it?
On Fri, Oct 25, 2019 at 3:07 AM <ccesario@blueit.com.br> wrote:
Please share the versions used on the host and guest. Have you upgraded or change something? (by versions, I mean OS, oVirt and anything you think is related) A fast and dirty check will be to examine if this is caused with firewalld on the host or guest. Please try to disable it and make sure no iptables settings appear.
Hi Edward, My Ovirt version is Node -------- OS Version: RHEL - 7 - 7.1908.0.el7.centos OS Description: oVirt Node 4.3.6 Kernel Version: 3.10.0 - 1062.1.1.el7.x86_64 KVM Version: 2.12.0 - 33.1.el7 LIBVIRT Version: libvirt-4.5.0-23.el7_7.1 VDSM Version: vdsm-4.30.33-1.el7 SPICE Version: 0.14.0 - 7.el7 GlusterFS Version: glusterfs-6.5-1.el7 CEPH Version: librbd1-10.2.5-4.el7 Open vSwitch Version: openvswitch-2.11.0-4.el7 Kernel Features: PTI: 1, IBRS: 0, RETP: 1, SSBD: 3 VNC Encryption: Disabled Ovirt mgmt interface has configured with 3 NIC interfaces as bond mode 2 Ovirt Engine ----------------- ovirt-engine-4.3.6.6-1.el7.noarch Guest OS ------------- Tested With - CentOS 6 - Freeebsd 11 - Debian 8.11 No success! I already tested with firewalld disable but without success. [root@nodekvm01 vdsm]# service firewalld status Redirecting to /bin/systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2019-10-28 13:52:57 -03; 2 days ago Docs: man:firewalld(1) Main PID: 2422 (firewalld) Tasks: 2 CGroup: /system.slice/firewalld.service └─2422 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -D l...n?). Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -F F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -F F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -F H...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X H...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...t4'. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...ist. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...ist. Hint: Some lines were ellipsized, use -l to show in full. [root@nodekvm01 vdsm]# service firewalld stop Redirecting to /bin/systemctl stop firewalld.service [root@nodekvm01 vdsm]# service firewalld status Redirecting to /bin/systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: inactive (dead) since Wed 2019-10-30 14:51:40 -03; 1s ago Docs: man:firewalld(1) Process: 2422 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS) Main PID: 2422 (code=exited, status=0/SUCCESS) Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -F F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -F H...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X H...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...t4'. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...ist. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...ist. Oct 30 14:51:40 nodekvm01.mydomain.local systemd[1]: Stopping firewalld - dynamic firewall daemon... Oct 30 14:51:40 nodekvm01.mydomain.local systemd[1]: Stopped firewalld - dynamic firewall daemon. Hint: Some lines were ellipsized, use -l to show in full. [root@nodekvm01 vdsm]# iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
Team, I have issues like this with bonding interface. It was problem with SWITCH side. BR, Deepwan Inc On Wed, Oct 30, 2019 at 9:26 PM +0300, "ccesario@blueit.com.br" <ccesario@blueit.com.br<mailto:ccesario@blueit.com.br>> wrote: Hi Edward, My Ovirt version is Node -------- OS Version: RHEL - 7 - 7.1908.0.el7.centos OS Description: oVirt Node 4.3.6 Kernel Version: 3.10.0 - 1062.1.1.el7.x86_64 KVM Version: 2.12.0 - 33.1.el7 LIBVIRT Version: libvirt-4.5.0-23.el7_7.1 VDSM Version: vdsm-4.30.33-1.el7 SPICE Version: 0.14.0 - 7.el7 GlusterFS Version: glusterfs-6.5-1.el7 CEPH Version: librbd1-10.2.5-4.el7 Open vSwitch Version: openvswitch-2.11.0-4.el7 Kernel Features: PTI: 1, IBRS: 0, RETP: 1, SSBD: 3 VNC Encryption: Disabled Ovirt mgmt interface has configured with 3 NIC interfaces as bond mode 2 Ovirt Engine ----------------- ovirt-engine-4.3.6.6-1.el7.noarch Guest OS ------------- Tested With - CentOS 6 - Freeebsd 11 - Debian 8.11 No success! I already tested with firewalld disable but without success. [root@nodekvm01 vdsm]# service firewalld status Redirecting to /bin/systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2019-10-28 13:52:57 -03; 2 days ago Docs: man:firewalld(1) Main PID: 2422 (firewalld) Tasks: 2 CGroup: /system.slice/firewalld.service └─2422 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -D l...n?). Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -F F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -F F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -F H...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X H...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...t4'. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...ist. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...ist. Hint: Some lines were ellipsized, use -l to show in full. [root@nodekvm01 vdsm]# service firewalld stop Redirecting to /bin/systemctl stop firewalld.service [root@nodekvm01 vdsm]# service firewalld status Redirecting to /bin/systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: inactive (dead) since Wed 2019-10-30 14:51:40 -03; 1s ago Docs: man:firewalld(1) Process: 2422 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS) Main PID: 2422 (code=exited, status=0/SUCCESS) Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -F F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X F...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -F H...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ip6tables -w10 -w -X H...ame. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...t4'. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...ist. Oct 29 09:33:54 nodekvm01.mydomain.local firewalld[2422]: WARNING: COMMAND_FAILED: '/usr/sbin/ebtables --concurrent ...ist. Oct 30 14:51:40 nodekvm01.mydomain.local systemd[1]: Stopping firewalld - dynamic firewall daemon... Oct 30 14:51:40 nodekvm01.mydomain.local systemd[1]: Stopped firewalld - dynamic firewall daemon. Hint: Some lines were ellipsized, use -l to show in full. [root@nodekvm01 vdsm]# iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/FUQH5VKX77BWNI...
Hey Carlos, Im still having the same problem here. My bond interface is configured as mode=2 same you. I tested in other server Bond Interface with mode 2 vlan and bridge interface using this bond as DHCP client and it works. But using ovirt no sucess. Did you discovery anything? regards
Hi @hotomoc, Nothing, it seems there are some filter or like this. Maybe some expert could help us. regards Carlos
Hi Edward, Yes, it is disabled . As screenshot. https://pasteboard.co/IEZS49Z.png And I already tested some filter as clean-traffic-gateway, but no success. Any other idea? Regards Carlos
I thought that was it. I remembered some experience I had with a test install that recommended turning the network filter off. You probably already did this, but when you turn off filtering or make other changes to the logical network like MTU size you must completely shutdown the attached VMs and restart them from oVIrt engine to pickup the change for their network interface. Restarting networking in a VM from within its OS won't pick up the logical network change at the necessary KVM/qemu/libvirt levels. There should a way to verify the various virtual interfaces don't have any filtering configured or enabled, On Sun, Nov 3, 2019 at 11:16 AM <ccesario@blueit.com.br> wrote:
On Mon, Nov 4, 2019 at 1:46 PM <ccesario@blueit.com.br> wrote:
Hello, can you see the traffic on the tap e.g. vnet0 device that is attached to the VM? Traffic filtering from libvirt is stored in ebtables. Can you take a look into them and see if there is any suspicious rule? (ebtables -L) Maybe track the packet drop here if your VM is sending DHCP requests. If everything there seems alright. I would suggest going through the chain and check the bridge interface if the DHCP packets are going through it. Hopefully this helps. Regards, Ales
-- Ales Musil Associate Software Engineer - RHV Network Red Hat EMEA <https://www.redhat.com> amusil@redhat.com IM: amusil <https://red.ht/sig>
On Mon, Nov 4, 2019 at 8:10 PM <ccesario@blueit.com.br> wrote:
Ah my bad it is ebtables -t nat -L.
Can you share how your network topology of the host?
-- Ales Musil Associate Software Engineer - RHV Network Red Hat EMEA <https://www.redhat.com> amusil@redhat.com IM: amusil <https://red.ht/sig>
Hi Ales,
https://pasteboard.co/IFgX5xT.png https://pasteboard.co/IFgXxBY.png https://pasteboard.co/IFgXX9q.png Best regards, Carlos
Hi Ales, have you any new tip about this? regards, Carlos
The output of "tcpdump -i ovirtmgmt -pvn port 67 and port 68" in https://pastebin.com/a2DEyL0e looks like the DHCP reply does not reach the ovirtmgmt bridge. Is the ovirtmgmt bridge / network attachment on the host able to receive configuration by DHCP? On Wed, Nov 6, 2019 at 7:08 PM <ccesario@blueit.com.br> wrote:
Yes, it is able, it is on the same VLAN. If I configure the ovirtmgmt interface as DHCP, it works. The DHCP delivery IP to ovirtmgmt interface. The problem it seems with VMS using this network.
On Wed, Nov 6, 2019 at 7:08 PM <ccesario(a)blueit.com.br> wrote:
Best regards Carlos
Hi folks, After several tests and a bit talk with Dominik via IRC, the problem it was found. To sum up, the problem it was in my side, once Im using bonding mode 2 (I read in some local that no needed switch config), but Dominik correct me that it is needed a config in switch side. After it the DHCP client it worked as expected. IMHO would be nice, Ovirt support bond0 or nic teaming, like VMware, where in some cases there is no needed special config on network/switch side and we still have some redundancy and availability. Thank you all by help. Regards Carlos
参加者 (7)
-
Ales Musil -
Artem Evseenkov -
ccesario@blueit.com.br -
Dominik Holler -
Edward Berger -
Edward Haas -
hotomoc@mailseo.net