[Users] Default route on hosts

[Assaf Muller]

Can users outside of the hosts' networks reach the VMs in the hosts?

If you use netstat -rn it is expected that the gateway will be 0.0.0.0, as ifcfg-ovirtmgmt has DEFROUTE=yes and ifcfg-public has DEFROUTE=no, then ovirtmgmt's
'gateway' (0.0.0.0) will be determined as the host's default gateway. However with the new multiple gateways feature we configure source routing to make
sure that traffic that comes (from the outside) in the public network's device will return the way it came in.

You can use 'ip rule' to see the rules VDSM configures. It creates two rules and a routing table per device. You can use 'ip route show table %s' on each
table, where the IDs can be obtained by 'ip rule'.

----- Original Message -----
From: "Chris Geddings" <chris.geddings at duke.edu>
To: "Assaf Muller" <amuller at redhat.com>
Sent: Tuesday, November 12, 2013 2:26:40 PM
Subject: Re: [Users] Default route on hosts


On Nov 12, 2013, at 3:32 AM, Assaf Muller <amuller at redhat.com> wrote:

> oVirt 3.3 introduced a feature called multiple gateways which may assist you. If you configured a gateway on the public network (Either statically via oVirt
> or via DHCP), then all traffic into the hosts through their public network NIC will be returned via that nic, *even though* the host's default gateway is
> ovirtmgmt's gateway.
> 
So, interestingly or not, when I define a gateway on the public interface (through the web management interface or DHCP), and I don't worry about making the
DEFROUTE=yes setting in my "public" network, the box behaves like it has an incorrect default route.  Now, my management network has a gateway
of 0.0.0.0, as it is a completely simple network, so that may be part of the problem. I'm not sure the impact of a 0.0.0.0 as a gateway.

I'm not sure how to poke at this further to figure out where the breakage is.  Routing looks like it has gotten a little more complex, and I'm still operating with 
'netstat -rn' and 'route add foo' type commands.

--Chris