[ovirt-users] Promiscuous Mode
clint at theboggios.com
clint at theboggios.com
Sat Mar 5 20:09:30 UTC 2016
On 2016-03-05 13:34, combuster wrote:
> Correct procedure would be:
>
> 1. On each of your ovirt nodes run:
>
> yum install vdsm-hook-macspoof
>
> 2. On the engine run:
>
> sudo engine-config -s "UserDefinedVMProperties=macspoof=^(true|false)$"
>
> 3. Edit OpenVPN virtual machine settings and add a custom property
> containing macspoof keyword and set the value "true" for it.
>
> If you want to remove filtering for a single interface, then replace
> steps 2 and 3 as outlined in the README.
>
> Kind regards,
>
> Ivan
>
> On 03/05/2016 08:21 PM, clint at theboggios.com wrote:
>> On 2016-03-05 13:13, combuster wrote:
>>> Ignore the link (minor accident while pasting). Yum will download the
>>> appropriate one from the repos.
>>>
>>> On 03/05/2016 08:09 PM, combuster wrote:
>>>
>>>> Just the hook rpm (vdsm-hook-macspoof [1]).
>>>>
>>>> Ivan
>>>>
>>>> On 03/05/2016 08:02 PM, Christopher Young wrote:
>>>>
>>>> I had a related question on this.
>>>>
>>>> When it comes to ovirt-node or rhev-h, is there anything required to
>>>> be installed on the hypervisor hosts themselves?
>>>>
>>>> Thanks,
>>>>
>>>> Chris
>>>> On Mar 5, 2016 1:47 PM, "combuster" <combuster at gmail.com> wrote:
>>>> Hi Clint, you might want to check the macspoof hook features here:
>>>>
>>>> https://github.com/oVirt/vdsm/tree/master/vdsm_hooks/macspoof [2]
>>>>
>>>> This should override arp/spoofing filtering, that might be the
>>>> cause of your issues with OpenVPN setup (first guess).
>>>>
>>>> On 03/05/2016 07:30 PM, Clint Boggio wrote:
>>>> I am deploying an OpenVPN server in my OVirt environment and I've
>>>> come to a dead stop with the developer support on a topic related to
>>>> OVirt configuration.
>>>>
>>>> The developer wants me to put the VM's underlying NIC into
>>>> promiscuous mode.
>>>>
>>>> I've seen this in a VMware environment and I know what they are
>>>> asking me to do, and I'm wondering if there is a clear way to do
>>>> this in my OVirt environment.
>>>>
>>>> I found "port mirroring" but no "promiscuous mode"
>>>>
>>>> Cheers and thank you !
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at ovirt.org
>>>> http://lists.ovirt.org/mailman/listinfo/users [3]
>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at ovirt.org
>>>> http://lists.ovirt.org/mailman/listinfo/users [3]
>>>
>>>
>>>
>>> Links:
>>> ------
>>> [1]
>>> http://resources.ovirt.org/pub/ovirt-3.5/rpm/el7Server/noarch/vdsm-hook-macspoof-4.16.10-0.el7.noarch.rpm
>>> [2] https://github.com/oVirt/vdsm/tree/master/vdsm_hooks/macspoof
>>> [3] http://lists.ovirt.org/mailman/listinfo/users
>>
>>
>> Thank you very much. Reading the README it appears that there is a
>> series of commands to run on the engine to make the options to remove
>> filtering from the vNIC, or the whole VM available. What purpose is
>> filled by the two scripts that are included in the git, and where do I
>> put them so that they will be utilized if that's even necessary ?
Ivan, because of YOU, I get me weekend back ! It works and OVPN is up
and running.
Thank you SO MUCH !
More information about the Users
mailing list