[ovirt-users] oVirt 3.5 & NAT
Dan Kenigsberg
danken at redhat.com
Thu Nov 20 13:14:54 UTC 2014
On Thu, Nov 20, 2014 at 07:08:13AM -0500, Antoni Segura Puimedon wrote:
>
>
> ----- Original Message -----
> > From: "Dan Kenigsberg" <danken at redhat.com>
> > To: "Phil Daws" <phil.daws at innovot.com>
> > Cc: "users" <users at ovirt.org>
> > Sent: Thursday, November 20, 2014 1:02:04 PM
> > Subject: Re: [ovirt-users] oVirt 3.5 & NAT
> >
> > On Thu, Nov 20, 2014 at 01:21:27AM +0000, Phil Daws wrote:
> > > Yes, thank you Robert. The hook is working wonderfully! Have a single NIC
> > > on the VDSM host configured with public IP, then OVS installed, and VLANs
> > > hanging off that to a guest which is acting as the firewall to
> > > internal/NAT systems.
> > >
> > > [root at vmh01 ~]# ovs-vsctl show
> > > 077da472-acf6-4141-bd9d-8e42047d3efc
> > > Bridge "ovsbr0"
> > > Port "vnet4"
> > > tag: 14
> > > Interface "vnet4"
> > > Port "vnet2"
> > > tag: 10
> > > Interface "vnet2"
> > > Port "ovsbr0"
> > > Interface "ovsbr0"
> > > type: internal
> > > Port "vnet3"
> > > tag: 14
> > > Interface "vnet3"
> > > Port "vnet1"
> > > tag: 8
> > > Interface "vnet1"
> > > ovs_version: "2.3.90"
> >
> > Thank you both for your contributions!
> >
> > From a software design PoV, we'd better not duplicate the extnet code.
> > If a bug is found and fixed in extnet,
> > http://www.ovirt.org/VDSM-Hooks/network-nat would have to be updated as
> > well.
> >
> > It would be more elegant to ship an additional script with an independent
> > custom property, say "ovs_portgroup". This script would run after extnet
> > does, and would add the portgroup attribute to to the proper element.
>
> I agree with a separate custom property, but I think that we could make
> extnet look for it too and set the port group itself. It would be backwards
> compatible and simpler.
Yeah, I suppose simplicity wins over puritanism here.
More information about the Users
mailing list