Re: [ovirt-users] [ovirt 3.6] Logical network not working
Hello, after some time i had the possibility to get in touch with RH support, since the problem was hitting also a setup with RHV 4.0. Seems that the problem is related to the hardware i'm using, which is a Emulex 554FLB CNA.There is a problem is that the nic uses SR-IOV, which on that model leads to problems with linux bridge. Disabled SR-IOV on the nics involved seems to had solved the issue. More info here: https://access.redhat.com/solutions/774743 Luca -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Wed, Sep 14, 2016 at 11:49 AM, Edward Haas wrote: > > Yes, it looks like the response gets stuck in the bridge for some reason. > Can you please share your kernel version? Yes, [root@kvmovirt02 ~]# uname -r 3.10.0-327.4.5.el7.x86_64 thank you -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Wed, Sep 14, 2016 at 12:22 PM, Luca 'remix_tj' Lorenzetto < lorenzetto.l...@gmail.com> wrote: > On Wed, Sep 14, 2016 at 10:54 AM, Edward Haas wrote: > > If I understood correctly, the VM cannot ping the gw/pc even without > vlans in > > place. > > Do you have multiple macs on the VM itself? (like a bridge or some sub > > interfaces) > > No, i have not. > > > > The only thing that comes to my mind is the mac-spoofing that is enabled > by > > default, > > it restricts the VM from using more than one mac address to communicate > > through a > > vnic. > > No, now is a simple VM with one NIC. > > > Except that, I do not have a good idea on what may be wrong. > > Your best friend is tcpdump, make sure you do not see any vlan/tagged > > packets on > > the bridge. (if a tagged packet enters from eno5, it will pass to the > bridge > > as is, even > > passed to the vtap as is... the VM will drop it as it does not expect a > tag > > there) > > > > This is what i get with > > tcpdump -e -n -i Development arp > > 11:04:12.285320 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), > length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 > 11:04:12.285348 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), > length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 > 11:04:12.289081 00:00:0c:07:ac:01 > 00:1a:4a:16:01:51, ethertype ARP > (0x0806), length 60: Reply 10.5.31.254 is-at 00:00:0c:07:ac:01, length > 46 > > > instead, with tcpdump -e -n -i vnic0 arp > > 11:14:13.344807 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), > length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 > 11:14:13.344834 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), > length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 > > On eno5, i get instead this: > > 11:15:57.355926 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), > length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 > 11:15:57.355944 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), > length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 > 11:15:57.358683 00:00:0c:07:ac:01 > 00:1a:4a:16:01:51, ethertype ARP > (0x0806), length 60: Reply 10.5.31.254 is-at 00:00:0c:07:ac:01, length > 46 > > I can't copy/paste from the vm, but same tcpdump on the vm will show > only arp requests outgoing and no arp reply incoming. > > For better clarification: > > 00:1a:4a:16:01:51 is the mac address of eth0 of the VM > 00:00:0c:07:ac:01 is the mac address of the router interface (10.5.31.254) > fe:1a:4a:16:01:51 is the mac address of vtap nic0 > > As you can see arp reply arrives to eno5 and to the bridge > Development, but arrives not to the vtap vnic0. > > This is the issue, because if i set with a static arp entry on the VM > (arp -s 10.5.31.254 00:00:0c:07:ac:01) ping succeeds. > Luca > > Yes, it looks like the response gets stuck in the bridge for some reason. Can you please share your kernel version? Hannes, do you have any idea what could be the cause of this? Any recommendation on how to debug this one? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Wed, Sep 14, 2016 at 10:54 AM, Edward Haas wrote: > If I understood correctly, the VM cannot ping the gw/pc even without vlans in > place. > Do you have multiple macs on the VM itself? (like a bridge or some sub > interfaces) No, i have not. > The only thing that comes to my mind is the mac-spoofing that is enabled by > default, > it restricts the VM from using more than one mac address to communicate > through a > vnic. No, now is a simple VM with one NIC. > Except that, I do not have a good idea on what may be wrong. > Your best friend is tcpdump, make sure you do not see any vlan/tagged > packets on > the bridge. (if a tagged packet enters from eno5, it will pass to the bridge > as is, even > passed to the vtap as is... the VM will drop it as it does not expect a tag > there) > This is what i get with tcpdump -e -n -i Development arp 11:04:12.285320 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 11:04:12.285348 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 11:04:12.289081 00:00:0c:07:ac:01 > 00:1a:4a:16:01:51, ethertype ARP (0x0806), length 60: Reply 10.5.31.254 is-at 00:00:0c:07:ac:01, length 46 instead, with tcpdump -e -n -i vnic0 arp 11:14:13.344807 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 11:14:13.344834 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 On eno5, i get instead this: 11:15:57.355926 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 11:15:57.355944 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806), length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28 11:15:57.358683 00:00:0c:07:ac:01 > 00:1a:4a:16:01:51, ethertype ARP (0x0806), length 60: Reply 10.5.31.254 is-at 00:00:0c:07:ac:01, length 46 I can't copy/paste from the vm, but same tcpdump on the vm will show only arp requests outgoing and no arp reply incoming. For better clarification: 00:1a:4a:16:01:51 is the mac address of eth0 of the VM 00:00:0c:07:ac:01 is the mac address of the router interface (10.5.31.254) fe:1a:4a:16:01:51 is the mac address of vtap nic0 As you can see arp reply arrives to eno5 and to the bridge Development, but arrives not to the vtap vnic0. This is the issue, because if i set with a static arp entry on the VM (arp -s 10.5.31.254 00:00:0c:07:ac:01) ping succeeds. Luca -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Tue, Sep 13, 2016 at 10:41 PM, Luca 'remix_tj' Lorenzetto < lorenzetto.l...@gmail.com> wrote: > On Tue, Sep 13, 2016 at 9:20 PM, Edward Haas wrote: > > > > > > On Mon, Sep 12, 2016 at 3:14 PM, Luca 'remix_tj' Lorenzetto > > wrote: > >> > >> On Mon, Sep 12, 2016 at 2:11 PM, Colin Coe wrote: > >> > So is the problem getting traffic between two different VLANs working? > >> > If > >> > so, have you double checked your routing? > >> > >> No, the issue is that VM cannot still ping the gateway of it's own > >> network. > >> > >> Resuming: > >> > >> VM can ping the host interface assigned to the logical network (eno5) > >> VM cannot ping gateway > >> > >> Host can ping gateway and VM > >> > >> External machine (e.g. gateway) cannot ping VM > >> External machine can ping the host interface assigned to the logical > >> network (eno5) > > > > > > I may be missing something here, and a diagram would have helped. > > Assuming this is your setup, see how vlan tagging matters and translates > to > > the network: > > > > [pc]---[switch] > 828>[eno5]-[eno5.828][bridge][vNIC - > > regular iface, no vlan] > > > > In this setup, eno5 and eno5.828 should not have any IP defined, that is > not > > legal. You need the address on the bridge. > > And you are not suppose to add it manually, but set it through Engine. > > Yes, i reported a wrong information. Sorry. > > I added the ip address starting via the engine to the bridge Development. > > > > > Based on your description, setting an address on eno5, means that your > gw/pc > > is not residing on a VLAN, or you have no trunk between eno > > to it. > [cut] > > and fix the data flow diagram if it is not correct. > > > > The data flow now is the following, after disabling VLAN settings on > engine and changing the port as native interface. > > [pc]---[switch] access>[eno5]---[bridge][vNIC - regular iface, no vlan] > > Before was as you reported. VLAN usage has been disable to check if > something was wrong on my setup on the host. > > As you can see on my previous emails, seems that the issue is about > the linux bridge, which is not forwarding ARP packets from the > external network (traffic incoming to eno5) to the vtap (vnet0, which > reports mac address different from the one seen inside the VM) > > > Perhaps it will be better to just add here the output of from the host: > > ip addr > > 1: lo: mtu 65536 qdisc noqueue state UNKNOWN > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > inet 127.0.0.1/8 scope host lo >valid_lft forever preferred_lft forever > 2: eno1: mtu 1500 qdisc mq > master bond0 state UP qlen 1000 > link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff > 3: eno2: mtu 1500 qdisc mq > master bond0 state UP qlen 1000 > link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff > 4: eno3: mtu 1500 qdisc mq > master bond1 state UP qlen 1000 > link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff > 5: eno4: mtu 1500 qdisc mq > master bond1 state UP qlen 1000 > link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff > 6: eno5: mtu 1500 qdisc mq master > Development state UP qlen 1000 > link/ether 00:21:5a:9b:ba:95 brd ff:ff:ff:ff:ff:ff > 7: eno6: mtu 1500 qdisc mq state UP > qlen 1000 > link/ether 00:21:5a:9b:ba:97 brd ff:ff:ff:ff:ff:ff > 8: bond0: mtu 1500 qdisc > noqueue master ovirtmgmt state UP > link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff > 9: bond1: mtu 1500 qdisc > noqueue state UP > link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff > inet 172.25.44.57/22 brd 172.25.47.255 scope global bond1 >valid_lft forever preferred_lft forever > 10: ;vdsmdummy;: mtu 1500 qdisc noop state DOWN > link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff > 12: ovirtmgmt: mtu 1500 qdisc noqueue > state UP > link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff > inet 10.5.12.48/22 brd 10.5.15.255 scope global ovirtmgmt >valid_lft forever preferred_lft forever > 31: Development: mtu 1500 qdisc > noqueue state UP > link/ether 00:21:5a:9b:ba:95 brd ff:ff:ff:ff:ff:ff > inet 10.5.30.12/22 brd 10.5.31.255 scope global Development >valid_lft forever preferred_lft forever > 32: vnet0: mtu 1500 qdisc pfifo_fast > master Development state UNKNOWN qlen 500 > link/ether fe:1a:4a:16:01:51 brd ff:ff:ff:ff:ff:ff > > > > brctl show > > > bridge name bridge id STP enabled interfaces > ;vdsmdummy; 8000. no > Development8000.00215a9bba95 no eno5 > vnet0 > ovirtmgmt 8000.00215a9bba8d no bond0 > > > > vdsClient -s 0 getVdsCaps > > > > HBAInventory = {'FC': [{'model': '554FLB - HP FlexFabric 10Gb > 2-port 554FLB Adapter', > 'wwnn': '5001438002a3b2f7', > 'wwpn': '5001438002a3b2f6'}, >{'model': '554FLB -
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Tue, Sep 13, 2016 at 9:20 PM, Edward Haas wrote: > > > On Mon, Sep 12, 2016 at 3:14 PM, Luca 'remix_tj' Lorenzetto > wrote: >> >> On Mon, Sep 12, 2016 at 2:11 PM, Colin Coe wrote: >> > So is the problem getting traffic between two different VLANs working? >> > If >> > so, have you double checked your routing? >> >> No, the issue is that VM cannot still ping the gateway of it's own >> network. >> >> Resuming: >> >> VM can ping the host interface assigned to the logical network (eno5) >> VM cannot ping gateway >> >> Host can ping gateway and VM >> >> External machine (e.g. gateway) cannot ping VM >> External machine can ping the host interface assigned to the logical >> network (eno5) > > > I may be missing something here, and a diagram would have helped. > Assuming this is your setup, see how vlan tagging matters and translates to > the network: > > [pc]---[switch] 828>[eno5]-[eno5.828][bridge][vNIC - > regular iface, no vlan] > > In this setup, eno5 and eno5.828 should not have any IP defined, that is not > legal. You need the address on the bridge. > And you are not suppose to add it manually, but set it through Engine. Yes, i reported a wrong information. Sorry. I added the ip address starting via the engine to the bridge Development. > Based on your description, setting an address on eno5, means that your gw/pc > is not residing on a VLAN, or you have no trunk between eno > to it. [cut] > and fix the data flow diagram if it is not correct. > The data flow now is the following, after disabling VLAN settings on engine and changing the port as native interface. [pc]---[switch][eno5]---[bridge][vNIC - regular iface, no vlan] Before was as you reported. VLAN usage has been disable to check if something was wrong on my setup on the host. As you can see on my previous emails, seems that the issue is about the linux bridge, which is not forwarding ARP packets from the external network (traffic incoming to eno5) to the vtap (vnet0, which reports mac address different from the one seen inside the VM) > Perhaps it will be better to just add here the output of from the host: > ip addr 1: lo: mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eno1: mtu 1500 qdisc mq master bond0 state UP qlen 1000 link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff 3: eno2: mtu 1500 qdisc mq master bond0 state UP qlen 1000 link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff 4: eno3: mtu 1500 qdisc mq master bond1 state UP qlen 1000 link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff 5: eno4: mtu 1500 qdisc mq master bond1 state UP qlen 1000 link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff 6: eno5: mtu 1500 qdisc mq master Development state UP qlen 1000 link/ether 00:21:5a:9b:ba:95 brd ff:ff:ff:ff:ff:ff 7: eno6: mtu 1500 qdisc mq state UP qlen 1000 link/ether 00:21:5a:9b:ba:97 brd ff:ff:ff:ff:ff:ff 8: bond0: mtu 1500 qdisc noqueue master ovirtmgmt state UP link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff 9: bond1: mtu 1500 qdisc noqueue state UP link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff inet 172.25.44.57/22 brd 172.25.47.255 scope global bond1 valid_lft forever preferred_lft forever 10: ;vdsmdummy;: mtu 1500 qdisc noop state DOWN link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 12: ovirtmgmt: mtu 1500 qdisc noqueue state UP link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff inet 10.5.12.48/22 brd 10.5.15.255 scope global ovirtmgmt valid_lft forever preferred_lft forever 31: Development: mtu 1500 qdisc noqueue state UP link/ether 00:21:5a:9b:ba:95 brd ff:ff:ff:ff:ff:ff inet 10.5.30.12/22 brd 10.5.31.255 scope global Development valid_lft forever preferred_lft forever 32: vnet0: mtu 1500 qdisc pfifo_fast master Development state UNKNOWN qlen 500 link/ether fe:1a:4a:16:01:51 brd ff:ff:ff:ff:ff:ff > brctl show bridge name bridge id STP enabled interfaces ;vdsmdummy; 8000. no Development8000.00215a9bba95 no eno5 vnet0 ovirtmgmt 8000.00215a9bba8d no bond0 > vdsClient -s 0 getVdsCaps > HBAInventory = {'FC': [{'model': '554FLB - HP FlexFabric 10Gb 2-port 554FLB Adapter', 'wwnn': '5001438002a3b2f7', 'wwpn': '5001438002a3b2f6'}, {'model': '554FLB - HP FlexFabric 10Gb 2-port 554FLB Adapter', 'wwnn': '5001438002a3b2f9', 'wwpn': '5001438002a3b2f8'}], 'iSCSI': [{'InitiatorName': 'iqn.1994-05.com.redhat:33f12e4cd757'}]} ISCSIInitiatorName = 'iqn.1994-05.com.redhat:33f12e4cd757' additionalFeatures = []
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Mon, Sep 12, 2016 at 3:14 PM, Luca 'remix_tj' Lorenzetto < lorenzetto.l...@gmail.com> wrote: > On Mon, Sep 12, 2016 at 2:11 PM, Colin Coe wrote: > > So is the problem getting traffic between two different VLANs working? > If > > so, have you double checked your routing? > > No, the issue is that VM cannot still ping the gateway of it's own network. > > Resuming: > > VM can ping the host interface assigned to the logical network (eno5) > VM cannot ping gateway > > Host can ping gateway and VM > > External machine (e.g. gateway) cannot ping VM > External machine can ping the host interface assigned to the logical > network (eno5) > I may be missing something here, and a diagram would have helped. Assuming this is your setup, see how vlan tagging matters and translates to the network: [pc]---[switch][eno5]-[eno5.828][bridge][vNIC - regular iface, no vlan] In this setup, eno5 and eno5.828 should not have any IP defined, that is not legal. You need the address on the bridge. And you are not suppose to add it manually, but set it through Engine. Based on your description, setting an address on eno5, means that your gw/pc is not residing on a VLAN, or you have no trunk between eno to it. Perhaps it will be better to just add here the output of from the host: ip addr brctl show vdsClient -s 0 getVdsCaps and fix the data flow diagram if it is not correct. > > -- > "E' assurdo impiegare gli uomini di intelligenza eccellente per fare > calcoli che potrebbero essere affidati a chiunque se si usassero delle > macchine" > Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) > > "Internet è la più grande biblioteca del mondo. > Ma il problema è che i libri sono tutti sparsi sul pavimento" > John Allen Paulos, Matematico (1945-vivente) > > Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , < > lorenzetto.l...@gmail.com> > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Mon, Sep 12, 2016 at 2:11 PM, Colin Coe wrote: > So is the problem getting traffic between two different VLANs working? If > so, have you double checked your routing? No, the issue is that VM cannot still ping the gateway of it's own network. Resuming: VM can ping the host interface assigned to the logical network (eno5) VM cannot ping gateway Host can ping gateway and VM External machine (e.g. gateway) cannot ping VM External machine can ping the host interface assigned to the logical network (eno5) -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
So is the problem getting traffic between two different VLANs working? If so, have you double checked your routing? On Mon, Sep 12, 2016 at 8:09 PM, Luca 'remix_tj' Lorenzetto < lorenzetto.l...@gmail.com> wrote: > On Mon, Sep 12, 2016 at 2:08 PM, Colin Coe wrote: > > I've been using RHEV with HP virtual connect (currently C7000 with > > Flex10/10D, previously C3000 With Flex10) for years now, mostly without > > problems. > > > > The switch port that connects the virtual connect environment to the > rest of > > your network, is it configured as a trunk and is VLAN 828 allowed? > > Yes. The issue is not related to VC, because traffic for that VLAN > flows in and out without problems. > > -- > "E' assurdo impiegare gli uomini di intelligenza eccellente per fare > calcoli che potrebbero essere affidati a chiunque se si usassero delle > macchine" > Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) > > "Internet è la più grande biblioteca del mondo. > Ma il problema è che i libri sono tutti sparsi sul pavimento" > John Allen Paulos, Matematico (1945-vivente) > > Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , < > lorenzetto.l...@gmail.com> > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Mon, Sep 12, 2016 at 2:08 PM, Colin Coe wrote: > I've been using RHEV with HP virtual connect (currently C7000 with > Flex10/10D, previously C3000 With Flex10) for years now, mostly without > problems. > > The switch port that connects the virtual connect environment to the rest of > your network, is it configured as a trunk and is VLAN 828 allowed? Yes. The issue is not related to VC, because traffic for that VLAN flows in and out without problems. -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
I've been using RHEV with HP virtual connect (currently C7000 with Flex10/10D, previously C3000 With Flex10) for years now, mostly without problems. The switch port that connects the virtual connect environment to the rest of your network, is it configured as a trunk and is VLAN 828 allowed? On Mon, Sep 12, 2016 at 8:01 PM, Luca 'remix_tj' Lorenzetto < lorenzetto.l...@gmail.com> wrote: > On Mon, Sep 12, 2016 at 9:44 AM, Luca 'remix_tj' Lorenzetto > wrote: > > > I did also the same using the ovirtmgmt logical network and i'm > > experiencing the same problem. > > Did some other investigation, with new findings. Tried using a CirrOS > image to eliminate possible issues on the VM. Ping is still broken. > Making some bridge troubleshooting i found out that: > > arp request is sent by the VM > arp request is forwarded by the "Development" bridge > arp reply is sent by the router 10.5.31.254 back to the bridge. > arp reply is NOT FORWARDED to the VM. > > This is a strange behaviour of the bridge. Maybe i'm missing some > sysctl configurations. > > Luca > > -- > "E' assurdo impiegare gli uomini di intelligenza eccellente per fare > calcoli che potrebbero essere affidati a chiunque se si usassero delle > macchine" > Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) > > "Internet è la più grande biblioteca del mondo. > Ma il problema è che i libri sono tutti sparsi sul pavimento" > John Allen Paulos, Matematico (1945-vivente) > > Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , < > lorenzetto.l...@gmail.com> > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Mon, Sep 12, 2016 at 2:01 PM, Luca 'remix_tj' Lorenzetto wrote: [cut] > Making some bridge troubleshooting i found out that: > > arp request is sent by the VM > arp request is forwarded by the "Development" bridge > arp reply is sent by the router 10.5.31.254 back to the bridge. > arp reply is NOT FORWARDED to the VM. Forgot to say that setting static arp entry for the ip of the gw on the VM gave the ability to ping successfully the gateway. I'm now investigating further on bridge. Luca -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Mon, Sep 12, 2016 at 9:44 AM, Luca 'remix_tj' Lorenzetto wrote: > I did also the same using the ovirtmgmt logical network and i'm > experiencing the same problem. Did some other investigation, with new findings. Tried using a CirrOS image to eliminate possible issues on the VM. Ping is still broken. Making some bridge troubleshooting i found out that: arp request is sent by the VM arp request is forwarded by the "Development" bridge arp reply is sent by the router 10.5.31.254 back to the bridge. arp reply is NOT FORWARDED to the VM. This is a strange behaviour of the bridge. Maybe i'm missing some sysctl configurations. Luca -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Sun, Sep 11, 2016 at 7:32 PM, Edward Haas wrote: > > This means you have a trunk set on the switch port connected to eno5, right? I'm using HP Virtual Connect and i configured the interface as "Multiple Networks". On that interface i can list the VLANs that i need on the specific interface. If required i can flag one of these VLANs as native. At the moment the setup is this: on eno5 interface is set as "Multiple Networks". Only one network added, which is the VLAN 828. That VLAN is set as 828, so you can communicate over that network without specifying VLAN id. > I would recommend setting an IP address to the 'Development' network in the > same subnet > so you could check if your VM can reach it and if you can reach from it to > the router. > Then you will have a better understanding where is the problem. > Added on eno5 the IP 10.5.30.12, with router settings. From my PC i can ping that IP remixtj@remixtj:~$ ping 10.5.30.12 PING 10.5.30.12 (10.5.30.12) 56(84) bytes of data. 64 bytes from 10.5.30.12: icmp_seq=2 ttl=61 time=4.09 ms 64 bytes from 10.5.30.12: icmp_seq=3 ttl=61 time=0.478 ms 64 bytes from 10.5.30.12: icmp_seq=4 ttl=61 time=0.415 ms On the VM same. The ip is pingable. I did also the same using the ovirtmgmt logical network and i'm experiencing the same problem. Luca -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Fri, Sep 9, 2016 at 2:05 PM, Luca 'remix_tj' Lorenzetto < lorenzetto.l...@gmail.com> wrote: > On Fri, Sep 9, 2016 at 12:49 PM, Edward Haas wrote: > > > > > > > Can you please elaborate on what address you assigned to the VM and > > to what address did you tried to ping? > > > I can explain more how is the network setup: > > i have a vlan with vlan id 828. The addressing assigned to this vlan > is 10.5.28.0/22. > Gateway is 10.5.31.254 > > My VM has ip 10.5.28.211 and is pinging the default gateway (10.5.31.254). > > Logical network "Development" is connected to the interface eno5 and > has no ip address. > > What i get on the vm is Destination Host Unreachable, and arp -an > shows 10.5.31.254 as incomplete. > > It's a clear sign of network isolation. > > Luca > > This means you have a trunk set on the switch port connected to eno5, right? I would recommend setting an IP address to the 'Development' network in the same subnet so you could check if your VM can reach it and if you can reach from it to the router. Then you will have a better understanding where is the problem. ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Fri, Sep 9, 2016 at 12:49 PM, Edward Haas wrote: > > > Can you please elaborate on what address you assigned to the VM and > to what address did you tried to ping? I can explain more how is the network setup: i have a vlan with vlan id 828. The addressing assigned to this vlan is 10.5.28.0/22. Gateway is 10.5.31.254 My VM has ip 10.5.28.211 and is pinging the default gateway (10.5.31.254). Logical network "Development" is connected to the interface eno5 and has no ip address. What i get on the vm is Destination Host Unreachable, and arp -an shows 10.5.31.254 as incomplete. It's a clear sign of network isolation. Luca -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Fri, Sep 9, 2016 at 11:50 AM, Luca 'remix_tj' Lorenzetto < lorenzetto.l...@gmail.com> wrote: > Hello Marcin, > > iptables -L is clean, default policy accept. Iptables and firewalld > has been stopped. > > I'm not able to find out what's happening. > > Luca > > On Fri, Sep 9, 2016 at 10:37 AM, Marcin Mirecki > wrote: > > Hello Luca, > > > > The description of your setup seems to be correct. > > Can you please disable firewalld and iptables just to make sure this is > not the cause. > > I'll try to recreate and see what the possible causes can be. > > > > Thanks, > > Marcin > > > > > > - Original Message - > >> From: "Luca 'remix_tj' Lorenzetto" > >> To: users@ovirt.org > >> Sent: Thursday, September 8, 2016 5:44:27 PM > >> Subject: [ovirt-users] [ovirt 3.6] Logical network not working > >> > >> Hello, > >> > >> i'm new to ovirt and i did some months ago a setup of ovirt 3.6 for > >> playing. My setup is composed by two physical hosts with 6 nic each > >> and another machine hosting the engine. All hosts are running RHEL 7.2 > >> > >> Setup went well, no problems. I've been able to convert the kvm image > >> provided by redhat and have it running on ovirt. > >> > >> Then i decided to configure a new network in addition to the > >> ovirtmgmt. I went to networks, i created the logical network called > >> Development and set the flag "Enable VLAN Tagging" and inserted the > >> vlan tag. > >> Once created the logical network i went to each host and did setup > >> network and assigned the logical network to the interface where the > >> vlan is connected. The interface is configured with bootproto=none, so > >> no IP has been assigned to the eno5.828 that appeared after assigning > >> logical network. > >> > >> I started then a vm and connected to the vNIC "Develoment/Development" > >> and assigned an IP. But networking is not working: no ping, no traffic > >> visible with tcpdump. > Can you please elaborate on what address you assigned to the VM and to what address did you tried to ping? > >> > >> I tested the single interfaces on the hosts and where the logical > >> network is connected with tcpdump (both eno5 and eno5.828) i see tons > >> of broadcast traffic of that interface. > >> > >> With brctl-show i see that assigned to the bridge Development there > >> are both eno5.828 and vnic0. > >> > >> Any way to understand what's happening and why traffic is not passing? > >> > >> Thank you > >> > >> Luca > >> > >> -- > >> "E' assurdo impiegare gli uomini di intelligenza eccellente per fare > >> calcoli che potrebbero essere affidati a chiunque se si usassero delle > >> macchine" > >> Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) > >> > >> "Internet è la più grande biblioteca del mondo. > >> Ma il problema è che i libri sono tutti sparsi sul pavimento" > >> John Allen Paulos, Matematico (1945-vivente) > >> > >> Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , > >> > >> ___ > >> Users mailing list > >> Users@ovirt.org > >> http://lists.ovirt.org/mailman/listinfo/users > >> > > > > -- > "E' assurdo impiegare gli uomini di intelligenza eccellente per fare > calcoli che potrebbero essere affidati a chiunque se si usassero delle > macchine" > Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) > > "Internet è la più grande biblioteca del mondo. > Ma il problema è che i libri sono tutti sparsi sul pavimento" > John Allen Paulos, Matematico (1945-vivente) > > Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , < > lorenzetto.l...@gmail.com> > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Fri, Sep 9, 2016 at 11:14 AM, Luca 'remix_tj' Lorenzetto wrote: [cut] > i'll try again, but i already did the same test with the vlan set as > native on the interface and configured the Logical Network without > vlan. The only difference was that firewall was up. I can confirm that native interface (no VLAN) has the same problem. Luca -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
On Fri, Sep 9, 2016 at 11:08 AM, Marcin Mirecki wrote: > Luca, > > Have you tried adding a network with no VLAN? Can you try adding > another network the same way, but with no VLAN? > This could help us to establish the cause of the problem (vlan or other). > Hello, i'll try again, but i already did the same test with the vlan set as native on the interface and configured the Logical Network without vlan. The only difference was that firewall was up. Luca -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
Hello Marcin, iptables -L is clean, default policy accept. Iptables and firewalld has been stopped. I'm not able to find out what's happening. Luca On Fri, Sep 9, 2016 at 10:37 AM, Marcin Mirecki wrote: > Hello Luca, > > The description of your setup seems to be correct. > Can you please disable firewalld and iptables just to make sure this is not > the cause. > I'll try to recreate and see what the possible causes can be. > > Thanks, > Marcin > > > - Original Message - >> From: "Luca 'remix_tj' Lorenzetto" >> To: users@ovirt.org >> Sent: Thursday, September 8, 2016 5:44:27 PM >> Subject: [ovirt-users] [ovirt 3.6] Logical network not working >> >> Hello, >> >> i'm new to ovirt and i did some months ago a setup of ovirt 3.6 for >> playing. My setup is composed by two physical hosts with 6 nic each >> and another machine hosting the engine. All hosts are running RHEL 7.2 >> >> Setup went well, no problems. I've been able to convert the kvm image >> provided by redhat and have it running on ovirt. >> >> Then i decided to configure a new network in addition to the >> ovirtmgmt. I went to networks, i created the logical network called >> Development and set the flag "Enable VLAN Tagging" and inserted the >> vlan tag. >> Once created the logical network i went to each host and did setup >> network and assigned the logical network to the interface where the >> vlan is connected. The interface is configured with bootproto=none, so >> no IP has been assigned to the eno5.828 that appeared after assigning >> logical network. >> >> I started then a vm and connected to the vNIC "Develoment/Development" >> and assigned an IP. But networking is not working: no ping, no traffic >> visible with tcpdump. >> >> I tested the single interfaces on the hosts and where the logical >> network is connected with tcpdump (both eno5 and eno5.828) i see tons >> of broadcast traffic of that interface. >> >> With brctl-show i see that assigned to the bridge Development there >> are both eno5.828 and vnic0. >> >> Any way to understand what's happening and why traffic is not passing? >> >> Thank you >> >> Luca >> >> -- >> "E' assurdo impiegare gli uomini di intelligenza eccellente per fare >> calcoli che potrebbero essere affidati a chiunque se si usassero delle >> macchine" >> Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) >> >> "Internet è la più grande biblioteca del mondo. >> Ma il problema è che i libri sono tutti sparsi sul pavimento" >> John Allen Paulos, Matematico (1945-vivente) >> >> Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , >> >> ___ >> Users mailing list >> Users@ovirt.org >> http://lists.ovirt.org/mailman/listinfo/users >> -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] [ovirt 3.6] Logical network not working
Hello Luca, The description of your setup seems to be correct. Can you please disable firewalld and iptables just to make sure this is not the cause. I'll try to recreate and see what the possible causes can be. Thanks, Marcin - Original Message - > From: "Luca 'remix_tj' Lorenzetto" > To: users@ovirt.org > Sent: Thursday, September 8, 2016 5:44:27 PM > Subject: [ovirt-users] [ovirt 3.6] Logical network not working > > Hello, > > i'm new to ovirt and i did some months ago a setup of ovirt 3.6 for > playing. My setup is composed by two physical hosts with 6 nic each > and another machine hosting the engine. All hosts are running RHEL 7.2 > > Setup went well, no problems. I've been able to convert the kvm image > provided by redhat and have it running on ovirt. > > Then i decided to configure a new network in addition to the > ovirtmgmt. I went to networks, i created the logical network called > Development and set the flag "Enable VLAN Tagging" and inserted the > vlan tag. > Once created the logical network i went to each host and did setup > network and assigned the logical network to the interface where the > vlan is connected. The interface is configured with bootproto=none, so > no IP has been assigned to the eno5.828 that appeared after assigning > logical network. > > I started then a vm and connected to the vNIC "Develoment/Development" > and assigned an IP. But networking is not working: no ping, no traffic > visible with tcpdump. > > I tested the single interfaces on the hosts and where the logical > network is connected with tcpdump (both eno5 and eno5.828) i see tons > of broadcast traffic of that interface. > > With brctl-show i see that assigned to the bridge Development there > are both eno5.828 and vnic0. > > Any way to understand what's happening and why traffic is not passing? > > Thank you > > Luca > > -- > "E' assurdo impiegare gli uomini di intelligenza eccellente per fare > calcoli che potrebbero essere affidati a chiunque se si usassero delle > macchine" > Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) > > "Internet è la più grande biblioteca del mondo. > Ma il problema è che i libri sono tutti sparsi sul pavimento" > John Allen Paulos, Matematico (1945-vivente) > > Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , > > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users