[ovirt-users] OVN routing and firewalling in oVirt

Gianluca Cecchi gianluca.cecchi at gmail.com
Thu Feb 16 23:12:07 UTC 2017 

On Thu, Feb 16, 2017 at 5:09 PM, Simone Tiraboschi <stirabos at redhat.com>
wrote:

>
>
>> http://blog.spinhirne.com/2016/09/the-ovn-gateway-router.html
>>
>
>> Great!
>> Actually using the previous blog post of the series:
>> http://blog.spinhirne.com/2016/09/an-introduction-to-ovn-routing.html
>>
>
> It was something I wished to show this Monday in the workshop but we were
> really out of time!
>

Don't worry Simone; you were superfast for the time you had available and
you didn't any mistake jumping from one presentation to another in
realtime... superb ;-)



>
>
>>
>>
>>
>> And now vm1 is able to ping both the gateways ip on subn1 and subn2 and
>> to ssh into vm2
>> It remains a sort of spof the fact of the central ovn server, where the
>> logical router lives... but for initial testing it is ok
>>
>
> Are you sure? did you tried bringing it down?
>
> AFAIU, OVN is already providing distributed routing since 2.6: if the node
> where you have the oVirt OVN provider and the OVN controller with
> northbound and southbound DB is down you cannot edit logical networks but
> the existing flows should still be there.
>
>
>

No, I'm not sure... it was only my wrong assumption.
And you are right. This is a single host environment with self hosted
engine.
I put the provider on hosted engine.
I set global maintenance and shutdown the engine.
And I'm still able to go from ovn_net1 to ovn_net2 without any problem...
Fine!

After exiting global maintenance and automatic power on of the engine I can
verify that the configuration has been retained with the configured virtual
router and its gateway ports in nb database.

Just a question: so where does the virtual router live? which command can I
run on the host to verify the sw defined router configuration while the
provider is down, how this information is mapped on the host itself so that
it routes packets from ovn_net1 to ovn_net2?

Cheers,
Gianluca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20170217/1d83fe8c/attachment-0001.html>

More information about the Users mailing list