[ovirt-users] How to build specific network structure?

Mitch mitchinseattle2014 at gmail.com
Wed Aug 23 09:32:22 UTC 2017


Hi,

I am trying to understand the best way to structure our network with oVirt.

We have a number of servers hosted in a remote datacenter, all with a
single NIC with a single public IP.

One server also has a /26 subnet mapped to it which we have to present
on a specific MAC address.

What I am trying to do is have all our VMs on a private subnet
10.2.3.0/24 for example, and use OVN to make that subnet available
across all oVirt hosts (PeerVPN and Tinc are also options I’m looking
at).

On the single host with the /26 on it, I plan to run an instance of
Opnsense or similar as a VM, with two NICs, one bridged to eth0 with
the specific MAC required for the public subnet, and one that will
connect to the private virtual network, I could then do 1-to-1 NAT for
those hosts on the private network that need to be publicly
accessible.

I know this isn’t the ideal setup, but we have to work within the
constraints required by the datacenter we are using.

Unfortunately I can’t work out how to configure this in oVirt, I
assume I need to set up a logical network for the private subnet,
using OVN as an external provider, and set up another logical subnet
for the public address space and attach that to a specific host in the
cluster?

For the public address space, how do I bridge that to eth0 and give it
a specific MAC address? Also how can I ensure my Opnsense VM comes up
on a specific host?

For the private network, is OVN the best approach, or am I better off
looking at other mesh VPN solutions to build an internal network
across our oVirt hosts?

Any comments or suggestions will be greatly appreciated.

Thanks :)

