[Users] Bridge for logical network

Moti Asayag masayag at redhat.com
Tue Sep 17 06:24:37 UTC 2013 

Sorry for the delay in response.

----- Original Message -----
> From: "Juan Pablo Lorier" <jplorier at gmail.com>
> To: users at ovirt.org
> Sent: Tuesday, September 10, 2013 6:39:16 PM
> Subject: Re: [Users] Bridge for logical network
> 
> Hi Moti,
> 
> When you say
> 
> As long as the bridge is defined on engine side and reported by VDSM you
> should
> be able to assign vms to it.
> 
> What do you mean? I can't see bridge interfaces in the engine, it just
> shows the fisical nics. Is there a way to force engine to see the bridge?

The engine reports the network configuration as VDSM reports it. If the reported
network exists on the engine (by Logical Network definition), the admin will be
able to edit that network via the engine, else the engine considers a network
which doesn't exist on the engine to be non-managed and the only operation the admin
can perform is removing it from the nic.

By bridges I meant logical networks marked as VM network (current vm network implementation
by ovirt) as presented on the image in [1] marked by 2 "assigned networks".

https://motiasayag.wordpress.com/2013/02/13/setup-networks/


> If I hide one nic, then if the visible one fails, I loose connectivity
> even if the other nic in the bridge is active?

I haven't tested that scenario since ovirt doesn't supports such topology.
I might expect that if the visible interface is down, although the hidden nic
is operational, the host will be set to non-operational, unless the network
isn't marked as required (on Cluster --> networks sub-tab).

> If I add both nics to the bridge (the hidden and the visible) and then
> by the engine assign the LN to the visible nic, is it going to work? 

I'd follow the next steps:
1. Via setupNetworks attach the LN to the visible nic.
2. Manually add the hidden nic as another leg of the bridge.

There is downside for this: If you decide to remove the network from the engine-side,
you'll have to remove it manually from the hidden nic as well.

The above is experiential and based on assumptions of how ovirt should
behave with such configuration. I'd use it only on test enviroment.

>I'm
> used to assign the ip address to the bridgen, no to one of the
> interfases member as this shouldn't work, and I guess that the engine
> will set the ip to the nic not to the bridge as it's what it sees.
> Sorry for so many questions, but I want to be sure of what I'm doing
> before testing it as I have to work on the production platform.
> Regards,
> 
> >> From: "Juan Pablo Lorier" <jplorier at gmail.com>
> >> To: "Dan Kenigsberg" <danken at redhat.com>
> >> Cc: "users" <users at ovirt.org>
> >> Sent: Tuesday, September 10, 2013 2:50:08 AM
> >> Subject: Re: [Users] Bridge for logical network
> >>
> >> Hi Dan
> >>
> >> By hiding the eths, will I be able to use the bridge to assign it to a vm?
> >> Regards,
> >>
> > As long as the bridge is defined on engine side and reported by VDSM you
> > should
> > be able to assign vms to it.
> >
> > Please report if hiding the additional nics (only one nic shouldn't be
> > hidden) works
> > for you.
> >
> >> El 09/09/13 19:48, Dan Kenigsberg escribi?:
> >>> On Mon, Sep 09, 2013 at 03:19:48PM -0300, Juan Pablo Lorier wrote:
> >>>> Hi,
> >>>>
> >>>> Another question: I need to connect 2 eths to a Fortigate cluster so I
> >>>> need them to be in a bridge with single ip so it can connect to the DMZ.
> >>>> As far as I can see, ovirt 3.2 is allowing me to create bonds and assign
> >>>> logical network to them, but not to create a bridge. Can I create it
> >>>> manually and get ovirt to handle it?
> >>> Indeed, ovirt does not support setting up a bridge with multiple
> >>> physical legs.
> >>>
> >>> I do not recall having tried that, but I have a suspition that Engine
> >>> may be confused if such a bridge is to be reported by Vdsm.
> > The engine do complains about a bridge created on more than a single
> > interface.
> >
> >>> If that happens, I suggest that you list these two eths in vdsm.conf's
> >>> hidden_nics. Then, they would not show up on ovirt's network editing
> >>> tools and would not tempt admins to use them for other purposes.
> >>>
> >>> Dan.
> >>> Please test it out and r
> >> _______________________________________________
> >> Users mailing list
> >> Users at ovirt.org
> >> http://lists.ovirt.org/mailman/listinfo/users
> >>
> >
> >
> 
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>

More information about the Users mailing list