[ovirt-users] EXTNET Hook and Libvirtd "Default" Network Setup

Lior Vernia lvernia at redhat.com
Sun Dec 21 08:24:24 UTC 2014


Hi Andrew,

In the medium term I think that might be easier and more scalable -
oVirt should allow you to not have to deal with libvirt "plumbing".

Re-reading your original e-mail, I only now understand that you're using
the default network to setup NAT, and that you weren't adding iptables
rules on your own. If you do prefer to go with that, I have very little
knowledge of libvirt's NAT. Maybe others on the list know more...

Yours, Lior.

On 18/12/14 19:00, Andrew Wagner wrote:
> Lior,
> 
> The main purpose of this is for testing. Medium-term, my plan is to spin
> up another VLAN and routable private subnet with DHCP to trunk our
> virtualization hosts onto. That requires more people to get involved to
> get the testing environment in place. I suppose I can spin up a DHCP
> server and private network outside of libvirt on the machine itself and
> add to oVirt.
> 
> Andrew
> 
> On 12/18/2014 2:41 AM, Lior Vernia wrote:
>> Hi Andrew,
>>
>> On 17/12/14 22:39, Andrew Wagner wrote:
>>> All,
>>>
>>> I'm testing out oVirt for one of our projects that wants to try an
>>> all-in-one setup before going to a larger deployment. For their testing,
>>> they want to use the default NAT'd network from libvirtd on the host.
>>>
>>> I've install oVirt, installed the extnet hook, enabled IP forwarding in
>>> sysctl.conf and loaded the setting, and created a vm that attaches to
>>> the libvirtd "default" network and gets an IP. The VM can ssh to the
>>> virbr0 IP address, in this case 192.168.122.1, to access the host.
>>> However, the VM cannot reach any IP address off of the NAT'd subnet. I
>>> haven't changed any of the default iptables rules that oVirt and
>>> libvirtd create. Looking at ip route and the iptables rules, I feel that
>>> traffic should be getting directed appropriately.
>> Could you elaborate why there's need to meddle with the networking at
>> the level of libvirt and to use the extnet hook?
>>
>> If all you need is an IP address and NAT, I would think a default oVirt
>> setup would do as long as you have a DHCP server and add proper iptables
>> rules to the host.
>>
>> Even if you do in fact need the specific libvirt network and to use the
>> hook, maybe it's worth trying without them first - just to make sure
>> your iptables rules are alright (they would be my prime suspect).
>>
>>> Does anyone have any thoughts as to what the issue may be? For some
>>> reason, the ovirtmgmt bridge doesn't seem to be receiving or allowing
>>> traffic from virbr0 to pass across it. I can provide more information if
>>> that would be helpful!
>>>
>>> Andrew Wagner
>>> _______________________________________________
>>> Users mailing list
>>> Users at ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
> 



More information about the Users mailing list