[ovirt-users] Connection hickups with Pfsense and Carp

Matt . yamakasi.014 at gmail.com
Thu May 15 10:42:24 UTC 2014 

OK, now I'm confused.

For MacSpoofing we per default don't have the "macspoof" feature in the
engine am I right ?

To get that... you need to set:

engine-config -s EnableMACAntiSpoofingFilterRules=false --cver=3.X

But no hook needs to be installed for this ? I don't have ping at the
momment with macspoof set on true on a VM.




2014-05-15 12:35 GMT+02:00 Itamar Heim <iheim at redhat.com>:

> On 05/15/2014 04:26 AM, Matt . wrote:
>
>> Itamar,
>>
>> On some testhost I'm updating now to 3.4(.x) I also need to install the
>> hook it seems... it's not there by default.
>>
>> Any idea why you thought it should be ?
>>
>
> there is no need for the hook for port mirroring. you can define a vnic
> profile with port mirroring via the engine and vdsm has this feature
> built-in.
>
> if you need more than just port mirroring (say, port forwarding), then you
> still need the hook.
>
>
>> Cheers,
>>
>> Matt
>>
>>
>> 2014-05-12 14:55 GMT+02:00 Matt . <yamakasi.014 at gmail.com
>> <mailto:yamakasi.014 at gmail.com>>:
>>
>>
>>     Hi,
>>
>>     I really needed to enable the hook... Will investigate on new hosts!
>>
>>
>>     2014-05-11 22:37 GMT+02:00 Itamar Heim <iheim at redhat.com
>>     <mailto:iheim at redhat.com>>:
>>
>>
>>         On 04/17/2014 04:08 AM, Matt . wrote:
>>
>>             Hi Guys,
>>
>>             I'm not able to write a howto yet as we need to check how
>>             this is
>>             running on high traffic and we are going soon. Than, we need
>>             to test
>>             some other functions before I can actually write something
>> down.
>>
>>             Because this is not all documented well indeed I'm in
>>             testmode and doing
>>             some @ life system as reallife environments are always
>>             coming with other
>>             things than your prefec test.
>>
>>             I cannot say I needed promiscuouity, I did some things you
>> would
>>             normally do on pfsense which fixed that part. Some old
>>             message you
>>             really need to discard instead of clicking it away was
>>             confusing this test.
>>
>>
>>
>>         you are not supposed to need the promiscious hook for
>>         sniffing/mirroring - that's by now part of engine/vdsm (at vnic
>>         level in earlier versions, and at network profile in later
>>         versions iirc)
>>
>>
>>
>>             2014-04-17 9:08 GMT+02:00 Dan Kenigsberg <danken at redhat.com
>>             <mailto:danken at redhat.com>
>>             <mailto:danken at redhat.com <mailto:danken at redhat.com>>>:
>>
>>
>>
>>                  On Thu, Apr 17, 2014 at 01:11:13AM +0200, Matt . wrote:
>>                   > OK, also this is finetuned, but it would be nice to
>>             have some
>>                  more info
>>                   > about the hooks in these cases... it's interesting
>>             as oVirt has
>>                  the right
>>                   > settings to start with but we need to know what we
>>             need to set
>>                  when we have
>>                   > a setup like this for an example.
>>
>>                  Could you explain what you have done, and what do you
>>             need promiscuouity
>>                  for? oVirt has "port mirroring" that allows to mirror
>>             ip traffic from
>>                  one vm network to another.
>>
>>                   >
>>                   >
>>                   > 2014-04-17 0:35 GMT+02:00 Matt .
>>             <yamakasi.014 at gmail.com <mailto:yamakasi.014 at gmail.com>
>>                  <mailto:yamakasi.014 at gmail.com
>>             <mailto:yamakasi.014 at gmail.com>__>>:
>>
>>
>>                   >
>>                   > > Traffic issues are solved, but the advertising in
>>             not that well.
>>                   > >
>>                   > > I see on ESXi (vSphere) that you need to enable
>>             "Promiscuous
>>                  Mode", but
>>                   > > how on oVirt ?
>>                   > >
>>                   > >
>>             http://www.blissfulidiot.com/__2013/11/using-carp-with-__
>> vmware-esxi.html
>>
>>             <http://www.blissfulidiot.com/2013/11/using-carp-with-
>> vmware-esxi.html>
>>                   > >
>>                   > > Do I need the vdsm-hook-promisc for it ? as I need
>>             to make real
>>                  settings
>>                   > > on a VM there I think the vswitch only needs the
>> mode.
>>                   > >
>>                   > > Information is welcome!
>>
>>
>>
>>
>>             _________________________________________________
>>             Users mailing list
>>             Users at ovirt.org <mailto:Users at ovirt.org>
>>             http://lists.ovirt.org/__mailman/listinfo/users
>>             <http://lists.ovirt.org/mailman/listinfo/users>
>>
>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20140515/ab5869d7/attachment-0001.html>

More information about the Users mailing list