[ovirt-users] IP forwarding... Cannot access guest IP
richard.seguin at marisec.ca
richard.seguin at marisec.ca
Tue Apr 29 21:11:57 UTC 2014
All of the other hypervisors that I am reading about allows for promiscuous mode to be turned on at the host level... Do we have anything like that?
-----Original Message-----
From: "Alexander Wels" <awels at redhat.com>
Sent: Tuesday, April 29, 2014 4:37pm
To: richard.seguin at marisec.ca
Cc: users at ovirt.org, "Dan Kenigsberg" <danken at redhat.com>
Subject: Re: [ovirt-users] IP forwarding... Cannot access guest IP
On Tuesday, April 29, 2014 04:34:29 PM richard.seguin at marisec.ca wrote:
> You have no idea how much I wanted this to work...
>
> macspoof = true
>
> nothing changed...
>
I forgot to mention what Dan DID mention, go to
http://www.ovirt.org/Vdsm_Hooks
And look at the yum install vdsm-hook-macspoof part. Unless of course you
already did this.
> -----Original Message-----
> From: "Alexander Wels" <awels at redhat.com>
> Sent: Tuesday, April 29, 2014 8:47am
> To: users at ovirt.org
> Cc: "Dan Kenigsberg" <danken at redhat.com>, richard.seguin at marisec.ca
> Subject: Re: [ovirt-users] IP forwarding... Cannot access guest IP
>
> On Tuesday, April 29, 2014 01:35:08 PM Dan Kenigsberg wrote:
> > On Tue, Apr 29, 2014 at 06:33:14AM -0400, richard.seguin at marisec.ca wrote:
> > > Hi Dan,
> > >
> > > Yes I am an ovirt user. Basically, I am running into an issue running
> > > xen
> > > inside of kvm. Our scenario is that this is lab environment, and we
> > > enjoy the luxury of spinning up kvm instances (as opposed to installing
> > > on bare metal each time we need something). Our product uses Xen, and we
> > > are pretty much stuck with it for the time being.
> > >
> > > I think what I am running into is a double bridge issue... Xen has a
> > > bridge, and so does kvm obviously. I am able to ping dom0 (which is
> > > just
> > > the bridge itself) on Xen from the outside world, but I am not able to
> > > ping udom... and... udom doesn't have access out either. When I was
> > > using vmware, I enabled promisc mode on the virtual switch, and this
> > > solution worked fine...
> > >
> > > If we ignore the types of technology that I am using, and just focus on
> > > the networking, what would I be looking at as possibilities? Or... a
> > > better question would be, does ovirt have a promiscuous flag somewhere
> > > that I can set?
> >
> > I cannot say that I understand your setup, but if you have nested
> > virtuallization (such as a Xen udom) you may experience ovirt's
> > no-mac-spoofing rule: by default we disallow our VMs to emit traffic
> > that has different mac address from the one assigned by oVirt.
> >
> > To avoid this, follow http://www.ovirt.org/Vdsm_Hooks#Installing_a_hook
> > and report if that's the issue.
>
> If the mac address is the issue wouldn't it be easier for him to just edit
> the VM and in custom properties set macspoof to true?
>
> > _______________________________________________
> > Users mailing list
> > Users at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
More information about the Users
mailing list