[ovirt-users] Promiscuous Mode

combuster combuster at gmail.com
Sat Mar 5 19:34:17 UTC 2016 

Correct procedure would be:

1. On each of your ovirt nodes run:

yum install vdsm-hook-macspoof

2. On the engine run:

sudo engine-config -s "UserDefinedVMProperties=macspoof=^(true|false)$"

3. Edit OpenVPN virtual machine settings and add a custom property 
containing macspoof keyword and set the value "true" for it.

If you want to remove filtering for a single interface, then replace 
steps 2 and 3 as outlined in the README.

Kind regards,

Ivan

On 03/05/2016 08:21 PM, clint at theboggios.com wrote:
> On 2016-03-05 13:13, combuster wrote:
>> Ignore the link (minor accident while pasting). Yum will download the
>> appropriate one from the repos.
>>
>> On 03/05/2016 08:09 PM, combuster wrote:
>>
>>> Just the hook rpm (vdsm-hook-macspoof [1]).
>>>
>>> Ivan
>>>
>>> On 03/05/2016 08:02 PM, Christopher Young wrote:
>>>
>>> I had a related question on this.
>>>
>>> When it comes to ovirt-node or rhev-h, is there anything required to
>>> be installed on the hypervisor hosts themselves?
>>>
>>> Thanks,
>>>
>>> Chris
>>> On Mar 5, 2016 1:47 PM, "combuster" <combuster at gmail.com> wrote:
>>> Hi Clint, you might want to check the macspoof hook features here:
>>>
>>> https://github.com/oVirt/vdsm/tree/master/vdsm_hooks/macspoof [2]
>>>
>>> This should override arp/spoofing filtering, that might be the
>>> cause of your issues with OpenVPN setup (first guess).
>>>
>>> On 03/05/2016 07:30 PM, Clint Boggio wrote:
>>> I am deploying an OpenVPN server in my OVirt environment and I've
>>> come to a dead stop with the developer support on a topic related to
>>> OVirt configuration.
>>>
>>> The developer wants me to put the VM's underlying NIC into
>>> promiscuous mode.
>>>
>>> I've seen this in a VMware environment and I know what they are
>>> asking me to do, and I'm wondering if there is a clear way to do
>>> this in my OVirt environment.
>>>
>>> I found "port mirroring" but no "promiscuous mode"
>>>
>>> Cheers and thank you !
>>> _______________________________________________
>>> Users mailing list
>>> Users at ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users [3]
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users [3]
>>
>>
>>
>> Links:
>> ------
>> [1]
>> http://resources.ovirt.org/pub/ovirt-3.5/rpm/el7Server/noarch/vdsm-hook-macspoof-4.16.10-0.el7.noarch.rpm 
>>
>> [2] https://github.com/oVirt/vdsm/tree/master/vdsm_hooks/macspoof
>> [3] http://lists.ovirt.org/mailman/listinfo/users
>
>
> Thank you very much. Reading the README it appears that there is a 
> series of commands to run on the engine to make the options to remove 
> filtering from the vNIC, or the whole VM available. What purpose is 
> filled by the two scripts that are included in the git, and where do I 
> put them so that they will be utilized if that's even necessary ?

More information about the Users mailing list