[Users] Create VLAN for WAN traffic
I'm not very knowledgeable in VLANs. Sorry for the lack of knowledge in advance. Is it possible to create a VLAN for WAN traffic, to separate it from the internal network? I'd imagine so. It was a automated and simple process when use XenServer. I'm trying to switch from Xen to oVirt and when trying to recreate this, I'm unable to ping out from the VM. This leads me to believe the VLAN was created incorrectly. I created ifcfg-br1 on the host and through the engine, created the logical network with VLAN tagging 20. Does the interface, ifcfg-br1, require a public IP, any IP address, no ip address? (Sorry, never created a VLAN for WAN traffic as it was automated in XenServer) From there I have the VM installed and configured with a public IP address, however, only get Destination Host Unreachable, meaning it has no route out. I am banging my head on the desk trying to figure this out. Can anyone give me any assistance? Thank you, Neil
In a situation like this a common issue is that the host you are pinging does not have a route back to your VLAN so can't send the response. Can you monitor traffic at the destination and see if it's receiving your pings? Can you ping from the other direction? In my general networking experience creating a VLAN is simple. Teaching your LAN about your VLAN is harder, and requires external configuration of routes. -Bob On Dec 30, 2013 1:57 PM, "Neil Schulz" <neil.schulz@neteasy.us> wrote:
I'm not very knowledgeable in VLANs. Sorry for the lack of knowledge in advance.
Is it possible to create a VLAN for WAN traffic, to separate it from the internal network? I'd imagine so. It was a automated and simple process when use XenServer. I'm trying to switch from Xen to oVirt and when trying to recreate this, I'm unable to ping out from the VM.
This leads me to believe the VLAN was created incorrectly. I created ifcfg-br1 on the host and through the engine, created the logical network with VLAN tagging 20. Does the interface, ifcfg-br1, require a public IP, any IP address, no ip address? (Sorry, never created a VLAN for WAN traffic as it was automated in XenServer)
From there I have the VM installed and configured with a public IP address, however, only get Destination Host Unreachable, meaning it has no route out.
I am banging my head on the desk trying to figure this out. Can anyone give me any assistance?
Thank you, Neil _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
And yes, it needs an ip address on a separate network, and your LAN needs to know how to reach the VLAN's network. -Bob On Dec 30, 2013 2:28 PM, "Bob Doolittle" <bob@doolittle.us.com> wrote:
In a situation like this a common issue is that the host you are pinging does not have a route back to your VLAN so can't send the response. Can you monitor traffic at the destination and see if it's receiving your pings? Can you ping from the other direction?
In my general networking experience creating a VLAN is simple. Teaching your LAN about your VLAN is harder, and requires external configuration of routes.
-Bob On Dec 30, 2013 1:57 PM, "Neil Schulz" <neil.schulz@neteasy.us> wrote:
I'm not very knowledgeable in VLANs. Sorry for the lack of knowledge in advance.
Is it possible to create a VLAN for WAN traffic, to separate it from the internal network? I'd imagine so. It was a automated and simple process when use XenServer. I'm trying to switch from Xen to oVirt and when trying to recreate this, I'm unable to ping out from the VM.
This leads me to believe the VLAN was created incorrectly. I created ifcfg-br1 on the host and through the engine, created the logical network with VLAN tagging 20. Does the interface, ifcfg-br1, require a public IP, any IP address, no ip address? (Sorry, never created a VLAN for WAN traffic as it was automated in XenServer)
From there I have the VM installed and configured with a public IP address, however, only get Destination Host Unreachable, meaning it has no route out.
I am banging my head on the desk trying to figure this out. Can anyone give me any assistance?
Thank you, Neil _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
On Mon, Dec 30, 2013 at 7:57 PM, Neil Schulz <neil.schulz@neteasy.us> wrote:
I'm not very knowledgeable in VLANs. Sorry for the lack of knowledge in advance.
Is it possible to create a VLAN for WAN traffic, to separate it from the internal network? I'd imagine so. It was a automated and simple process when use XenServer. I'm trying to switch from Xen to oVirt and when trying to recreate this, I'm unable to ping out from the VM.
This leads me to believe the VLAN was created incorrectly. I created ifcfg-br1 on the host and through the engine, created the logical network with VLAN tagging 20. Does the interface, ifcfg-br1, require a public IP, any IP address, no ip address? (Sorry, never created a VLAN for WAN traffic as it was automated in XenServer)
Assigning an IP-address to a VM network in oVirt is _not_ mandatory, it is only needed for "management" networks (ovirtmgmnt, display, storage) where the _hosts_ need connectivity to resources on that network. Is this a tagged or an untagged vlan? (an untagged vlan means only one vlan per physical interface andneeds no extra configuration on the OS side) Which other (physical) interfaces are in your "br1" interface? Are the (tagged) vlans assigned to this interface? A vlan interface on linux looks like this: "eth0.20" where eth0 is the "physical" interface on which tagged vlans are configured and 20 is the number of one of those interfaces. In the case of an oVirt VM network the physical interface is bridged (and sometimes bonded) so the interface configuration looks like this: "br1.20". The "normal" route for configuring a new network in ovirt is to configure it in the "networks" tab (as a VM network) and then assigin this network to physical- or bonded interfaces on all the hosts in your cluster.
From there I have the VM installed and configured with a public IP address, however, only get Destination Host Unreachable, meaning it has no route out.
I am banging my head on the desk trying to figure this out. Can anyone give me any assistance?
Thank you, Neil _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
This is a multi-part message in MIME format. --------------000902020700050907030604 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit On 12/31/2013 3:02 AM, Sander Grendelman wrote:
On Mon, Dec 30, 2013 at 7:57 PM, Neil Schulz <neil.schulz@neteasy.us <mailto:neil.schulz@neteasy.us>> wrote:
I'm not very knowledgeable in VLANs. Sorry for the lack of knowledge in advance.
Is it possible to create a VLAN for WAN traffic, to separate it from the internal network? I'd imagine so. It was a automated and simple process when use XenServer. I'm trying to switch from Xen to oVirt and when trying to recreate this, I'm unable to ping out from the VM.
This leads me to believe the VLAN was created incorrectly. I created ifcfg-br1 on the host and through the engine, created the logical network with VLAN tagging 20. Does the interface, ifcfg-br1, require a public IP, any IP address, no ip address? (Sorry, never created a VLAN for WAN traffic as it was automated in XenServer)
Assigning an IP-address to a VM network in oVirt is _not_ mandatory, it is only needed for "management" networks (ovirtmgmnt, display, storage) where the _hosts_ need connectivity to resources on that network.
Is this a tagged or an untagged vlan? (an untagged vlan means only one vlan per physical interface andneeds no extra configuration on the OS side) Which other (physical) interfaces are in your "br1" interface? Are the (tagged) vlans assigned to this interface?
A vlan interface on linux looks like this: "eth0.20" where eth0 is the "physical" interface on which tagged vlans are configured and 20 is the number of one of those interfaces.
In the case of an oVirt VM network the physical interface is bridged (and sometimes bonded) so the interface configuration looks like this: "br1.20".
The "normal" route for configuring a new network in ovirt is to configure it in the "networks" tab (as a VM network) and then assigin this network to physical- or bonded interfaces on all the hosts in your cluster.
So the steps I have taken to create this. 1. Assign the 2nd physical interface a static IP. 2. In oVirt Engine, go to "Data Centers" and select "Logical Networks" then "New". For name, something like "public_interface", check "Enable VLAN tagging" and for the field entry, "20". Leave defaults, such as "VM network" checked. 3. Go to "Hosts" then "Network Interfaces" then "Setup Host Networks". Drag "public_interface" to the physical interface, "em2". Save configuration. 4. This shows as "public_interface" (VLAN20) with the green box VM next to it. 5. A fresh installed VM of CentOS6.5 is used with nic1 as "public_interface". 6. After configuring the interface "eth0" with a public IP, I am unable to ping any public IP or hostname. Hopefully there's a flaw in the action I took to configure it and it's a simple fix. Thank you, Neil
From there I have the VM installed and configured with a public IP address, however, only get Destination Host Unreachable, meaning it has no route out.
I am banging my head on the desk trying to figure this out. Can anyone give me any assistance?
Thank you, Neil _______________________________________________ Users mailing list Users@ovirt.org <mailto:Users@ovirt.org> http://lists.ovirt.org/mailman/listinfo/users
--------------000902020700050907030604 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit <html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <div class="moz-cite-prefix">On 12/31/2013 3:02 AM, Sander Grendelman wrote:<br> </div> <blockquote cite="mid:CAHa6cRT-j7Gkf-74+YqJExTR77_jfXm+fZqKB4XxvT7PDTax9g@mail.gmail.com" type="cite"> <div dir="ltr"> <div class="gmail_extra"> <div class="gmail_quote">On Mon, Dec 30, 2013 at 7:57 PM, Neil Schulz <span dir="ltr"><<a moz-do-not-send="true" href="mailto:neil.schulz@neteasy.us" target="_blank">neil.schulz@neteasy.us</a>></span> wrote:<br> <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">I'm not very knowledgeable in VLANs. Sorry for the lack of knowledge in advance.<br> <br> Is it possible to create a VLAN for WAN traffic, to separate it from the internal network? I'd imagine so. It was a automated and simple process when use XenServer. I'm trying to switch from Xen to oVirt and when trying to recreate this, I'm unable to ping out from the VM.<br> <br> This leads me to believe the VLAN was created incorrectly. I created ifcfg-br1 on the host and through the engine, created the logical network with VLAN tagging 20. Does the interface, ifcfg-br1, require a public IP, any IP address, no ip address? (Sorry, never created a VLAN for WAN traffic as it was automated in XenServer)<br> </blockquote> <div><br> </div> <div>Assigning an IP-address to a VM network in oVirt is _not_ mandatory,<br> it is only needed for "management" networks (ovirtmgmnt, display, storage)<br> where the _hosts_ need connectivity to resources on that network.<br> <br> Is this a tagged or an untagged vlan? (an untagged vlan means only one vlan<br> per physical interface andneeds no extra configuration on the OS side)<br> Which other (physical) interfaces are in your "br1" interface?<br> Are the (tagged) vlans assigned to this interface?<br> <br> </div> <div>A vlan interface on linux looks like this: "eth0.20" where eth0 is the<br> "physical" interface on which tagged vlans are configured and 20 is the<br> number of one of those interfaces.<br> <br> </div> <div>In the case of an oVirt VM network the physical interface is bridged (and sometimes bonded)<br> </div> <div>so the interface configuration looks like this: "br1.20".<br> </div> <div><br> </div> <div>The "normal" route for configuring a new network in ovirt is to configure it in the "networks" tab<br> (as a VM network) and then assigin this network to physical- or bonded interfaces on all the<br> hosts in your cluster.<br> </div> <div><br> </div> </div> </div> </div> </blockquote> So the steps I have taken to create this.<br> 1. Assign the 2nd physical interface a static IP.<br> 2. In oVirt Engine, go to "Data Centers" and select "Logical Networks" then "New". For name, something like "public_interface", check "Enable VLAN tagging" and for the field entry, "20". Leave defaults, such as "VM network" checked.<br> 3. Go to "Hosts" then "Network Interfaces" then "Setup Host Networks". Drag "public_interface" to the physical interface, "em2". Save configuration.<br> 4. This shows as "public_interface" (VLAN20) with the green box VM next to it.<br> 5. A fresh installed VM of CentOS6.5 is used with nic1 as "public_interface".<br> 6. After configuring the interface "eth0" with a public IP, I am unable to ping any public IP or hostname.<br> <br> Hopefully there's a flaw in the action I took to configure it and it's a simple fix.<br> <br> Thank you,<br> Neil <br> <br> <blockquote cite="mid:CAHa6cRT-j7Gkf-74+YqJExTR77_jfXm+fZqKB4XxvT7PDTax9g@mail.gmail.com" type="cite"> <div dir="ltr"> <div class="gmail_extra"> <div class="gmail_quote"> <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> <br> From there I have the VM installed and configured with a public IP address, however, only get Destination Host Unreachable, meaning it has no route out.<br> <br> I am banging my head on the desk trying to figure this out. Can anyone give me any assistance?<br> <br> Thank you,<br> Neil<br> _______________________________________________<br> Users mailing list<br> <a moz-do-not-send="true" href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a><br> <a moz-do-not-send="true" href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/mailman/listinfo/users</a><br> </blockquote> </div> <br> </div> </div> </blockquote> </body> </html> --------------000902020700050907030604--
On 12/31/2013 03:43 PM, Neil Schulz wrote:
On 12/31/2013 3:02 AM, Sander Grendelman wrote:
On Mon, Dec 30, 2013 at 7:57 PM, Neil Schulz <neil.schulz@neteasy.us <mailto:neil.schulz@neteasy.us>> wrote:
I'm not very knowledgeable in VLANs. Sorry for the lack of knowledge in advance.
Is it possible to create a VLAN for WAN traffic, to separate it from the internal network? I'd imagine so. It was a automated and simple process when use XenServer. I'm trying to switch from Xen to oVirt and when trying to recreate this, I'm unable to ping out from the VM.
This leads me to believe the VLAN was created incorrectly. I created ifcfg-br1 on the host and through the engine, created the logical network with VLAN tagging 20. Does the interface, ifcfg-br1, require a public IP, any IP address, no ip address? (Sorry, never created a VLAN for WAN traffic as it was automated in XenServer)
Assigning an IP-address to a VM network in oVirt is _not_ mandatory, it is only needed for "management" networks (ovirtmgmnt, display, storage) where the _hosts_ need connectivity to resources on that network.
Is this a tagged or an untagged vlan? (an untagged vlan means only one vlan per physical interface andneeds no extra configuration on the OS side) Which other (physical) interfaces are in your "br1" interface? Are the (tagged) vlans assigned to this interface?
A vlan interface on linux looks like this: "eth0.20" where eth0 is the "physical" interface on which tagged vlans are configured and 20 is the number of one of those interfaces.
In the case of an oVirt VM network the physical interface is bridged (and sometimes bonded) so the interface configuration looks like this: "br1.20".
The "normal" route for configuring a new network in ovirt is to configure it in the "networks" tab (as a VM network) and then assigin this network to physical- or bonded interfaces on all the hosts in your cluster.
So the steps I have taken to create this. 1. Assign the 2nd physical interface a static IP. 2. In oVirt Engine, go to "Data Centers" and select "Logical Networks" then "New". For name, something like "public_interface", check "Enable VLAN tagging" and for the field entry, "20". Leave defaults, such as "VM network" checked. 3. Go to "Hosts" then "Network Interfaces" then "Setup Host Networks". Drag "public_interface" to the physical interface, "em2". Save configuration. 4. This shows as "public_interface" (VLAN20) with the green box VM next to it. 5. A fresh installed VM of CentOS6.5 is used with nic1 as "public_interface". 6. After configuring the interface "eth0" with a public IP, I am unable to ping any public IP or hostname.
Hopefully there's a flaw in the action I took to configure it and it's a simple fix.
was this resolved?
Thank you, Neil
From there I have the VM installed and configured with a public IP address, however, only get Destination Host Unreachable, meaning it has no route out.
I am banging my head on the desk trying to figure this out. Can anyone give me any assistance?
Thank you, Neil _______________________________________________ Users mailing list Users@ovirt.org <mailto:Users@ovirt.org> http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
participants (4)
-
Bob Doolittle -
Itamar Heim -
Neil Schulz -
Sander Grendelman