[ovirt-users] Can´t use a VM Network VLAN, because the Virtual Machines inside can't reach the Gateway

Julián Tete danteconrad14 at gmail.com
Thu Oct 22 23:31:23 UTC 2015 

Good News Everyone :)

I Change from the CentOS 7 kernel to kernel-ml from elrepo in the Host....

And oVirt 3.6 Release Candidate 3 works like a charm

Thank you pals :)

2015-10-21 19:36 GMT-05:00 Julián Tete <danteconrad14 at gmail.com>:

> Hello Friends of oVirt
>
> I'm glad to get your help. I'm trying to build a community of oVirt in
> Colombia.
>
> This is the data requested:
>
> #########HOST########
>
> Software
>
> OS Version: RHEL - 7 - 1.1503.el7.centos.2.8
> Kernel Version: 3.10.0 - 229.14.1.el7.x86_64
> KVM Version: 3.10.0 - 229.14.1.el7.x86_64
> LIBVIRT Version: libvirt-1.2.8-16.el7_1.4
> VDSM Version: vdsm-4.17.9-0.el7.centos
> SPICE Version: 0.12.4 - 9.el7_1.3
> GlusterFS Version: glusterfs-3.7.5-1.el7
> CEPH Version: librbd1-0.80.7-2.el7
>
> Hardware
>
> Manufacturer: HP
> Family: ProLiant
> Product Name: ProLiant BL460c Gen8
> Version: [N/A]
> UUID: 2197C286-BC9C-4CF3-99CB-......
> Serial Number: VCX.....
> CPU Model: Intel(R) Xeon(R) CPU E5-2667 v2 @ 3.30GHz
> CPU Type: Intel SandyBridge Family
> CPU Sockets: 2
> CPU Cores per Socket: 8
> CPU Threads per Core: 2 (SMT Enabled)
>
> Model name: QMH2572 - PCI-Express Dual Channel 8Gb Fibre Channel Mezzanine
> HBA, NFF
> Device type: FC
> Model name: QMH2572 - PCI-Express Dual Channel 8Gb Fibre Channel Mezzanine
> HBA, NFF
> Device type: FC
>
> The rest of the data is here:
>
> http://pastebin.com/Snc27Jgn
>
> Thank very much
>
> I love oVirt 3.6, so far so good.
>
> This is the last detail to dump VMware
>
> :)
>
>
>
> 2015-10-13 2:43 GMT-05:00 Ido Barkan <ibarkan at redhat.com>:
>
>> Julian,
>> Lets try a more systematic approach (similar to what Donny suggests):
>>
>> Please disable your arp script, and reproduce the situation where your vm
>> cannot connect to the outside.
>> It will be also a good idea to have the failing machine be the only
>> powered on machine connected to the network (bridge).
>>
>> * from the machine os run a ping to a pingable destination outside of
>> your network (8.8.8.8?)
>> * run tcpdump on the hypervisor on several interfaces:
>>   * the vm tap device (vnet0? vnet1?)
>>   * the vm network bridge device (hosting?), where the tap device is
>> attached to. This should be visible via brctl.
>>   * the vlan device underneath the bridge (this one should have a name
>> like 'eno1.50' where eno1 is the physical nic and 50 is the vlan tag)
>>   * the physical device (the ethernet nic)
>>
>> The tcpdump command requires root privileges and looks like this: "sudo
>> tcpdump -n -i <device_name> icmp or arp"
>>
>> What I assume we will see are only icmp requests (pings) and no icmp
>> replies (pongs). There might be also be only arp requests and
>> no arp replies.
>> What I am interested at is the arp broadcasts, as the vm should broadcast
>> an arp request (who-is <my_gateway_ip>).
>> My first guess is that is no response or there is one but the vm cannot
>> hear it. This is why I used the arp filter in the tcpdump command.
>>
>> This should shed some light on where the problem is and in which layer.
>> find out where the traffic is not forwarded.
>>
>> Also, when you locate the point of failure, try and wait for the traffic
>> to 'suddenly work' as you said and then figure out what was changed.
>>
>> We would love to see the dumps and coontinue to help.
>>
>> Thanks,
>> Ido
>>
>>
>> On Thu, Oct 8, 2015 at 7:29 PM, Julián Tete <danteconrad14 at gmail.com>
>> wrote:
>>
>>> I found the reason of my Problem: the virtual machines can't write the
>>> ARP table ¡¡¿?!!
>>>
>>> When I manually use the command:
>>>
>>> arp -s 192.168.XXX.XX 00:09:XX:XX:XX:XX
>>>
>>> I can reach the gateway
>>>
>>> I can't reach anything from my net segment but i can reach Internet
>>> (Double ¡¡¿?!!)
>>>
>>> For the moment I wrote a script, but is awful to do this.
>>>
>>> Any idea ?
>>>
>>> Thanks in advance :)
>>>
>>> 2015-07-10 11:26 GMT-05:00 Julián Tete <danteconrad14 at gmail.com>:
>>>
>>>> Perhaps us are affected by the following error :
>>>>
>>>> http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04267968
>>>>
>>>> I will keep you informed
>>>>
>>>> Thanks Friends
>>>>
>>>> 2015-07-06 12:06 GMT-05:00 Julián Tete <danteconrad14 at gmail.com>:
>>>>
>>>>> Hi Friends of oVirt
>>>>>
>>>>> This the data required:
>>>>>
>>>>> I have a HP Enclosure with a HP SAN.
>>>>> I can't change the net settings in the switch because we have VMware
>>>>> Virtual Machines in production in the same enclosure.
>>>>> The switch is in Trunk Mode and all the traffic are in Tagged VLAN's
>>>>> with ID's: 1,50,90,91 and 100.
>>>>> I can play with 6 blades.
>>>>> I in the first Blade I installed oVirt in hosted engine mode.
>>>>> The only S.O is CentOS 7.1
>>>>>
>>>>> I used inxi to brig the data for you:
>>>>>
>>>>> My First Host is the only host until now (SPM) is the first data
>>>>> domain (NFS) and contains the hosted engine machine.
>>>>> I installed oVirt with ovirtmgmt in VLAN 1, over the interface eno1,
>>>>> without any VLAN Tagged configuration.
>>>>>
>>>>> This the data for my first host:
>>>>>
>>>>> http://pastebin.com/dfC0XTQM
>>>>>
>>>>> This the data for the Engine:
>>>>>
>>>>> http://pastebin.com/JdrMSbj0
>>>>>
>>>>> This the data for the Virtual Machine created in VLAN 50:
>>>>>
>>>>> S.O : CentOS 7.1
>>>>> SELinux: Permissive
>>>>> IP ADDRESS: 192.168.50.8
>>>>> PREFIX: 27
>>>>> GATEWAY: 192.168.50.1
>>>>> Interface: eth0
>>>>>
>>>>> The Virtual Machine hasn´t any VLAN configuration.
>>>>>
>>>>> In the 3 S.O, Network Manager is stopped and disabled, connectivity is
>>>>> managed by the network daemon.
>>>>>
>>>>> This is the data for the Networking in the admin interface:
>>>>>
>>>>> http://postimg.org/image/lbypejxrh/
>>>>>
>>>>> http://postimg.org/image/jtkyhqs8f/
>>>>>
>>>>> http://postimg.org/image/7dwf1nb9f/
>>>>>
>>>>> http://postimg.org/image/6i9t75g33/
>>>>>
>>>>> http://postimg.org/image/sm8e6lecv/
>>>>>
>>>>> http://postimg.org/image/cvig7rjuv/
>>>>>
>>>>> http://postimg.org/image/fxcthsrtl/
>>>>>
>>>>> http://postimg.org/image/o6xjwwvyz/
>>>>>
>>>>> http://postimg.org/image/pv5ar5v3j/
>>>>>
>>>>> http://postimg.org/image/dx8br0gq7/
>>>>>
>>>>> http://postimg.org/image/baixp4b0j/
>>>>>
>>>>> This the case
>>>>>
>>>>> With No IP in the VLAN, and IP in the Virtual Machine, From the
>>>>> Virtual Machine can ping myself (192.168.50.8) but I can't reach the
>>>>> gateway, can't reach the host, can't reach Internet.
>>>>>
>>>>> Any help is appreciated
>>>>>
>>>>> Thanks Friends of oVirt
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> 2015-07-06 7:51 GMT-05:00 Soeren Malchow <soeren.malchow at mcon.net>:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> To make it easier to understand what the situation is, it would help
>>>>>> to
>>>>>> see your bridging configuration and your interface configration.
>>>>>>
>>>>>> Something like:
>>>>>>
>>>>>> #> ip addr
>>>>>>
>>>>>> And
>>>>>>
>>>>>> #> brctl show
>>>>>>
>>>>>> Regards
>>>>>> Soeren
>>>>>>
>>>>>> On 06/07/15 13:30, "users-bounces at ovirt.org on behalf of Dan
>>>>>> Kenigsberg"
>>>>>> <users-bounces at ovirt.org on behalf of danken at redhat.com> wrote:
>>>>>>
>>>>>> >On Tue, Jun 30, 2015 at 03:48:49PM -0500, Julián Tete wrote:
>>>>>> >> Hi Friends of oVirt
>>>>>> >>
>>>>>> >> I'm trying to migrate my company from VMware to oVirt.
>>>>>> >
>>>>>> >We'd like to help you do this!
>>>>>> >
>>>>>> >> In my final tests, I set up 2 more VLANs in oVirt, (VM VLANs)
>>>>>> >> The Virtual Machines in these VLANs, can be reached from the
>>>>>> external
>>>>>> >>IPs
>>>>>> >> from the net range,
>>>>>> >> but from the Virtual machines only can ping the Host with the
>>>>>> Bridge and
>>>>>> >> itself, can't reach the gateway. ¿?
>>>>>> >>
>>>>>> >> I configured a IP Forwarding in the Host with the virtual machine,
>>>>>> and
>>>>>> >> nothing changes...
>>>>>> >>
>>>>>> >> Any idea ? This is the last duty before embrace oVirt in the
>>>>>> company.
>>>>>> >>
>>>>>> >> Look to the VLAN 100 configuration (My desired VM Network):
>>>>>> >>
>>>>>> >> http://postimg.org/image/7hrog0a2n/
>>>>>> >>
>>>>>> >> http://postimg.org/image/68b40i1vr/
>>>>>> >>
>>>>>> >> http://postimg.org/image/lu6mlshgp/
>>>>>> >
>>>>>> >I must admit that I don't understand your problem yet. When you ping
>>>>>> >from inside your guest, where are your packets dropped?
>>>>>> >
>>>>>> >I'd like to point that your "Hosting" network, as most VM networks,
>>>>>> is
>>>>>> >better off left without an IP address. The benefit of this is better
>>>>>> >security (host TCP stack is not accessible from VMs) and less
>>>>>> chances of
>>>>>> >routing collisions from the host.
>>>>>> >
>>>>>> >So unless you need to use the same network for something other than
>>>>>> VM
>>>>>> >communication, try to clear its address.
>>>>>> >
>>>>>> >Regards,
>>>>>> >Dan.
>>>>>> >_______________________________________________
>>>>>> >Users mailing list
>>>>>> >Users at ovirt.org
>>>>>> >http://lists.ovirt.org/mailman/listinfo/users
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
>>>
>>>
>>
>>
>> --
>> Thanks,
>> Ido Barkan
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20151022/7f76d031/attachment-0001.html>

More information about the Users mailing list