[Users] why ovirt does not support NAT network

Itamar Heim iheim at redhat.com
Tue Mar 12 19:09:16 EDT 2013


On 03/11/2013 05:16 AM, Mark Wu wrote:
> On 03/08/2013 05:16 AM, Dan Kenigsberg wrote:
>> On Thu, Mar 07, 2013 at 03:57:49PM +0100, Adrian Gibanel wrote:
>>> Just in case it might help you please check:
>>>
>>> http://lists.ovirt.org/pipermail/users/2012-April/001751.html
>> This is almost 1 year old, but I did not notice it yet. I love the
>> detailed solution!
> +1 on NAT network.  Except that it can save ip address, it also could
> reduce the external physical switch's pressure on mac table. Because the
> VM's
> mac address is invisible to external switch.
>
> But there're two limitations of NAT network compared with physically
> bridged network:
> 1. The VMs attached to the same NAT network, but on different hosts
> can't hear each other.  It could be resolved by constructing a tunnel or
> tunnels
>      among the hosts in the same cluster and centralizing the mac
> address management of dnsmasq on ovirt engine.
>
> 2. The VMs in NAT network are hidden behind the host. The external host
> can't initiate a connection to the VM.  I think it's fine for a desktop VM.\
> For a server VM, it can't be resolved by add a DNAT rule on demand. It's
> similar to the 'floating ip address' in quantum.

also need to remember live migration will probably not work with NAT.
how would floating IP work? wouldn't you need to map it 1:1 with the 
NAT'd IP?

>
> ////
>>
>> Yes, the rant there, about ovirt network being tightly-coupled with a
>> physical interface, is 100% justified. I'm trying to address some of
>> that inhttp://www.ovirt.org/Features/Nicless_Network  but it's a long
>> way to go.
>>
>>> I managed to implement Virtualbox-hostonly-alike networks gathering more info from:
>>> http://libvirt.org/formatnetwork.html
>>> .
>>> You might be also interested in:http://wiki.libvirt.org/page/Networking  although I didn't use it myself.
>>>
>>> You might probably already know this information but, just in case, here it is.
>>>
>> _______________________________________________
>> Users mailing list
>> Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>
>
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>



More information about the Users mailing list