[ovirt-users] Connection hickups with Pfsense and Carp
Matt .
yamakasi.014 at gmail.com
Thu May 15 10:42:24 UTC 2014
OK, now I'm confused.
For MacSpoofing we per default don't have the "macspoof" feature in the
engine am I right ?
To get that... you need to set:
engine-config -s EnableMACAntiSpoofingFilterRules=false --cver=3.X
But no hook needs to be installed for this ? I don't have ping at the
momment with macspoof set on true on a VM.
2014-05-15 12:35 GMT+02:00 Itamar Heim <iheim at redhat.com>:
> On 05/15/2014 04:26 AM, Matt . wrote:
>
>> Itamar,
>>
>> On some testhost I'm updating now to 3.4(.x) I also need to install the
>> hook it seems... it's not there by default.
>>
>> Any idea why you thought it should be ?
>>
>
> there is no need for the hook for port mirroring. you can define a vnic
> profile with port mirroring via the engine and vdsm has this feature
> built-in.
>
> if you need more than just port mirroring (say, port forwarding), then you
> still need the hook.
>
>
>> Cheers,
>>
>> Matt
>>
>>
>> 2014-05-12 14:55 GMT+02:00 Matt . <yamakasi.014 at gmail.com
>> <mailto:yamakasi.014 at gmail.com>>:
>>
>>
>> Hi,
>>
>> I really needed to enable the hook... Will investigate on new hosts!
>>
>>
>> 2014-05-11 22:37 GMT+02:00 Itamar Heim <iheim at redhat.com
>> <mailto:iheim at redhat.com>>:
>>
>>
>> On 04/17/2014 04:08 AM, Matt . wrote:
>>
>> Hi Guys,
>>
>> I'm not able to write a howto yet as we need to check how
>> this is
>> running on high traffic and we are going soon. Than, we need
>> to test
>> some other functions before I can actually write something
>> down.
>>
>> Because this is not all documented well indeed I'm in
>> testmode and doing
>> some @ life system as reallife environments are always
>> coming with other
>> things than your prefec test.
>>
>> I cannot say I needed promiscuouity, I did some things you
>> would
>> normally do on pfsense which fixed that part. Some old
>> message you
>> really need to discard instead of clicking it away was
>> confusing this test.
>>
>>
>>
>> you are not supposed to need the promiscious hook for
>> sniffing/mirroring - that's by now part of engine/vdsm (at vnic
>> level in earlier versions, and at network profile in later
>> versions iirc)
>>
>>
>>
>> 2014-04-17 9:08 GMT+02:00 Dan Kenigsberg <danken at redhat.com
>> <mailto:danken at redhat.com>
>> <mailto:danken at redhat.com <mailto:danken at redhat.com>>>:
>>
>>
>>
>> On Thu, Apr 17, 2014 at 01:11:13AM +0200, Matt . wrote:
>> > OK, also this is finetuned, but it would be nice to
>> have some
>> more info
>> > about the hooks in these cases... it's interesting
>> as oVirt has
>> the right
>> > settings to start with but we need to know what we
>> need to set
>> when we have
>> > a setup like this for an example.
>>
>> Could you explain what you have done, and what do you
>> need promiscuouity
>> for? oVirt has "port mirroring" that allows to mirror
>> ip traffic from
>> one vm network to another.
>>
>> >
>> >
>> > 2014-04-17 0:35 GMT+02:00 Matt .
>> <yamakasi.014 at gmail.com <mailto:yamakasi.014 at gmail.com>
>> <mailto:yamakasi.014 at gmail.com
>> <mailto:yamakasi.014 at gmail.com>__>>:
>>
>>
>> >
>> > > Traffic issues are solved, but the advertising in
>> not that well.
>> > >
>> > > I see on ESXi (vSphere) that you need to enable
>> "Promiscuous
>> Mode", but
>> > > how on oVirt ?
>> > >
>> > >
>> http://www.blissfulidiot.com/__2013/11/using-carp-with-__
>> vmware-esxi.html
>>
>> <http://www.blissfulidiot.com/2013/11/using-carp-with-
>> vmware-esxi.html>
>> > >
>> > > Do I need the vdsm-hook-promisc for it ? as I need
>> to make real
>> settings
>> > > on a VM there I think the vswitch only needs the
>> mode.
>> > >
>> > > Information is welcome!
>>
>>
>>
>>
>> _________________________________________________
>> Users mailing list
>> Users at ovirt.org <mailto:Users at ovirt.org>
>> http://lists.ovirt.org/__mailman/listinfo/users
>> <http://lists.ovirt.org/mailman/listinfo/users>
>>
>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20140515/ab5869d7/attachment-0001.html>
More information about the Users
mailing list