Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Luca 'remix_tj' Lorenzetto]

Hello,

after some time i had the possibility to get in touch with RH support,
since the problem was hitting also a setup with RHV 4.0. Seems that
the problem is related to the hardware i'm using, which is a Emulex
554FLB CNA.There is a problem is that the nic uses SR-IOV, which on
that model leads to problems with linux bridge. Disabled SR-IOV on the
nics involved seems to had solved the issue.

More info here:

https://access.redhat.com/solutions/774743

Luca

-- 
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)

"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)

Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Luca 'remix_tj' Lorenzetto]

On Wed, Sep 14, 2016 at 11:49 AM, Edward Haas  wrote:
>
> Yes, it looks like the response gets stuck in the bridge for some reason.
> Can you please share your kernel version?

Yes,

[root@kvmovirt02 ~]# uname -r
3.10.0-327.4.5.el7.x86_64

thank you

-- 
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)

"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)

Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Edward Haas]

On Wed, Sep 14, 2016 at 12:22 PM, Luca 'remix_tj' Lorenzetto <
lorenzetto.l...@gmail.com> wrote:

> On Wed, Sep 14, 2016 at 10:54 AM, Edward Haas  wrote:
> > If I understood correctly, the VM cannot ping the gw/pc even without
> vlans in
> > place.
> > Do you have multiple macs on the VM itself? (like a bridge or some sub
> > interfaces)
>
> No, i have not.
>
>
> > The only thing that comes to my mind is the mac-spoofing that is enabled
> by
> > default,
> > it restricts the VM from using more than one mac address to communicate
> > through a
> > vnic.
>
> No, now is a simple VM with one NIC.
>
> > Except that, I do not have a good idea on what may be wrong.
> > Your best friend is tcpdump, make sure you do not see any vlan/tagged
> > packets on
> > the bridge. (if a tagged packet enters from eno5, it will pass to the
> bridge
> > as is, even
> > passed to the vtap as is... the VM will drop it as it does not expect a
> tag
> > there)
> >
>
> This is what i get with
>
> tcpdump -e -n -i Development arp
>
> 11:04:12.285320 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
> length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28
> 11:04:12.285348 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
> length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28
> 11:04:12.289081 00:00:0c:07:ac:01 > 00:1a:4a:16:01:51, ethertype ARP
> (0x0806), length 60: Reply 10.5.31.254 is-at 00:00:0c:07:ac:01, length
> 46
>
>
> instead, with tcpdump -e -n -i vnic0 arp
>
> 11:14:13.344807 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
> length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28
> 11:14:13.344834 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
> length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28
>
> On eno5, i get instead this:
>
> 11:15:57.355926 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
> length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28
> 11:15:57.355944 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
> length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28
> 11:15:57.358683 00:00:0c:07:ac:01 > 00:1a:4a:16:01:51, ethertype ARP
> (0x0806), length 60: Reply 10.5.31.254 is-at 00:00:0c:07:ac:01, length
> 46
>
> I can't copy/paste from the vm, but same tcpdump on the vm will show
> only arp requests outgoing and no arp reply incoming.
>
> For better clarification:
>
> 00:1a:4a:16:01:51 is the mac address of eth0 of the VM
> 00:00:0c:07:ac:01 is the mac address of the router interface (10.5.31.254)
> fe:1a:4a:16:01:51 is the mac address of vtap nic0
>
> As you can see arp reply arrives to eno5 and to the bridge
> Development, but arrives not to the vtap vnic0.
>
> This is the issue, because if i set with a static arp entry on the VM
> (arp -s 10.5.31.254 00:00:0c:07:ac:01) ping succeeds.


> Luca
>
>
Yes, it looks like the response gets stuck in the bridge for some reason.
Can you please share your kernel version?

Hannes, do you have any idea what could be the cause of this?
Any recommendation on how to debug this one?
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Luca 'remix_tj' Lorenzetto]

On Wed, Sep 14, 2016 at 10:54 AM, Edward Haas  wrote:
> If I understood correctly, the VM cannot ping the gw/pc even without vlans in
> place.
> Do you have multiple macs on the VM itself? (like a bridge or some sub
> interfaces)

No, i have not.


> The only thing that comes to my mind is the mac-spoofing that is enabled by
> default,
> it restricts the VM from using more than one mac address to communicate
> through a
> vnic.

No, now is a simple VM with one NIC.

> Except that, I do not have a good idea on what may be wrong.
> Your best friend is tcpdump, make sure you do not see any vlan/tagged
> packets on
> the bridge. (if a tagged packet enters from eno5, it will pass to the bridge
> as is, even
> passed to the vtap as is... the VM will drop it as it does not expect a tag
> there)
>

This is what i get with

tcpdump -e -n -i Development arp

11:04:12.285320 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28
11:04:12.285348 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28
11:04:12.289081 00:00:0c:07:ac:01 > 00:1a:4a:16:01:51, ethertype ARP
(0x0806), length 60: Reply 10.5.31.254 is-at 00:00:0c:07:ac:01, length
46


instead, with tcpdump -e -n -i vnic0 arp

11:14:13.344807 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28
11:14:13.344834 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28

On eno5, i get instead this:

11:15:57.355926 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28
11:15:57.355944 00:1a:4a:16:01:51 > Broadcast, ethertype ARP (0x0806),
length 42: Request who-has 10.5.31.254 tell 10.5.28.211, length 28
11:15:57.358683 00:00:0c:07:ac:01 > 00:1a:4a:16:01:51, ethertype ARP
(0x0806), length 60: Reply 10.5.31.254 is-at 00:00:0c:07:ac:01, length
46

I can't copy/paste from the vm, but same tcpdump on the vm will show
only arp requests outgoing and no arp reply incoming.

For better clarification:

00:1a:4a:16:01:51 is the mac address of eth0 of the VM
00:00:0c:07:ac:01 is the mac address of the router interface (10.5.31.254)
fe:1a:4a:16:01:51 is the mac address of vtap nic0

As you can see arp reply arrives to eno5 and to the bridge
Development, but arrives not to the vtap vnic0.

This is the issue, because if i set with a static arp entry on the VM
(arp -s 10.5.31.254 00:00:0c:07:ac:01) ping succeeds.

Luca


-- 
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)

"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)

Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Edward Haas]

On Tue, Sep 13, 2016 at 10:41 PM, Luca 'remix_tj' Lorenzetto <
lorenzetto.l...@gmail.com> wrote:

> On Tue, Sep 13, 2016 at 9:20 PM, Edward Haas  wrote:
> >
> >
> > On Mon, Sep 12, 2016 at 3:14 PM, Luca 'remix_tj' Lorenzetto
> >  wrote:
> >>
> >> On Mon, Sep 12, 2016 at 2:11 PM, Colin Coe  wrote:
> >> > So is the problem getting traffic between two different VLANs working?
> >> > If
> >> > so, have you double checked your routing?
> >>
> >> No, the issue is that VM cannot still ping the gateway of it's own
> >> network.
> >>
> >> Resuming:
> >>
> >> VM can ping the host interface assigned to the logical network (eno5)
> >> VM cannot ping gateway
> >>
> >> Host can ping gateway and VM
> >>
> >> External machine (e.g. gateway) cannot ping VM
> >> External machine can ping the host interface assigned to the logical
> >> network (eno5)
> >
> >
> > I may be missing something here, and a diagram would have helped.
> > Assuming this is your setup, see how vlan tagging matters and translates
> to
> > the network:
> >
> > [pc]---[switch] > 828>[eno5]-[eno5.828][bridge][vNIC -
> > regular iface, no vlan]
> >
> > In this setup, eno5 and eno5.828 should not have any IP defined, that is
> not
> > legal. You need the address on the bridge.
> > And you are not suppose to add it manually, but set it through Engine.
>
> Yes, i reported a wrong information. Sorry.
>
> I added the ip address starting via the engine to the bridge Development.
>
>
>
> > Based on your description, setting an address on eno5, means that your
> gw/pc
> > is not residing on a VLAN, or you have no trunk between eno
> > to it.
> [cut]
> > and fix the data flow diagram if it is not correct.
> >
>
> The data flow now is the following, after disabling VLAN settings on
> engine and changing the port as native interface.
>
> [pc]---[switch] access>[eno5]---[bridge][vNIC - regular iface, no vlan]
>
> Before was as you reported. VLAN usage has been disable to check if
> something was wrong on my setup on the host.
>
> As you can see on my previous emails, seems that the issue is about
> the linux bridge, which is not forwarding ARP packets from the
> external network (traffic incoming to eno5) to the vtap (vnet0, which
> reports mac address different from the one seen inside the VM)
>
> > Perhaps it will be better to just add here the output of from the host:
> > ip addr
>
> 1: lo:  mtu 65536 qdisc noqueue state UNKNOWN
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
>valid_lft forever preferred_lft forever
> 2: eno1:  mtu 1500 qdisc mq
> master bond0 state UP qlen 1000
> link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff
> 3: eno2:  mtu 1500 qdisc mq
> master bond0 state UP qlen 1000
> link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff
> 4: eno3:  mtu 1500 qdisc mq
> master bond1 state UP qlen 1000
> link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff
> 5: eno4:  mtu 1500 qdisc mq
> master bond1 state UP qlen 1000
> link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff
> 6: eno5:  mtu 1500 qdisc mq master
> Development state UP qlen 1000
> link/ether 00:21:5a:9b:ba:95 brd ff:ff:ff:ff:ff:ff
> 7: eno6:  mtu 1500 qdisc mq state UP
> qlen 1000
> link/ether 00:21:5a:9b:ba:97 brd ff:ff:ff:ff:ff:ff
> 8: bond0:  mtu 1500 qdisc
> noqueue master ovirtmgmt state UP
> link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff
> 9: bond1:  mtu 1500 qdisc
> noqueue state UP
> link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff
> inet 172.25.44.57/22 brd 172.25.47.255 scope global bond1
>valid_lft forever preferred_lft forever
> 10: ;vdsmdummy;:  mtu 1500 qdisc noop state DOWN
> link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
> 12: ovirtmgmt:  mtu 1500 qdisc noqueue
> state UP
> link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff
> inet 10.5.12.48/22 brd 10.5.15.255 scope global ovirtmgmt
>valid_lft forever preferred_lft forever
> 31: Development:  mtu 1500 qdisc
> noqueue state UP
> link/ether 00:21:5a:9b:ba:95 brd ff:ff:ff:ff:ff:ff
> inet 10.5.30.12/22 brd 10.5.31.255 scope global Development
>valid_lft forever preferred_lft forever
> 32: vnet0:  mtu 1500 qdisc pfifo_fast
> master Development state UNKNOWN qlen 500
> link/ether fe:1a:4a:16:01:51 brd ff:ff:ff:ff:ff:ff
>
>
> > brctl show
>
>
> bridge name bridge id   STP enabled interfaces
> ;vdsmdummy; 8000. 

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Luca 'remix_tj' Lorenzetto]

On Tue, Sep 13, 2016 at 9:20 PM, Edward Haas  wrote:
>
>
> On Mon, Sep 12, 2016 at 3:14 PM, Luca 'remix_tj' Lorenzetto
>  wrote:
>>
>> On Mon, Sep 12, 2016 at 2:11 PM, Colin Coe  wrote:
>> > So is the problem getting traffic between two different VLANs working?
>> > If
>> > so, have you double checked your routing?
>>
>> No, the issue is that VM cannot still ping the gateway of it's own
>> network.
>>
>> Resuming:
>>
>> VM can ping the host interface assigned to the logical network (eno5)
>> VM cannot ping gateway
>>
>> Host can ping gateway and VM
>>
>> External machine (e.g. gateway) cannot ping VM
>> External machine can ping the host interface assigned to the logical
>> network (eno5)
>
>
> I may be missing something here, and a diagram would have helped.
> Assuming this is your setup, see how vlan tagging matters and translates to
> the network:
>
> [pc]---[switch] 828>[eno5]-[eno5.828][bridge][vNIC -
> regular iface, no vlan]
>
> In this setup, eno5 and eno5.828 should not have any IP defined, that is not
> legal. You need the address on the bridge.
> And you are not suppose to add it manually, but set it through Engine.

Yes, i reported a wrong information. Sorry.

I added the ip address starting via the engine to the bridge Development.



> Based on your description, setting an address on eno5, means that your gw/pc
> is not residing on a VLAN, or you have no trunk between eno
> to it.
[cut]
> and fix the data flow diagram if it is not correct.
>

The data flow now is the following, after disabling VLAN settings on
engine and changing the port as native interface.

[pc]---[switch][eno5]---[bridge][vNIC - regular iface, no vlan]

Before was as you reported. VLAN usage has been disable to check if
something was wrong on my setup on the host.

As you can see on my previous emails, seems that the issue is about
the linux bridge, which is not forwarding ARP packets from the
external network (traffic incoming to eno5) to the vtap (vnet0, which
reports mac address different from the one seen inside the VM)

> Perhaps it will be better to just add here the output of from the host:
> ip addr

1: lo:  mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
   valid_lft forever preferred_lft forever
2: eno1:  mtu 1500 qdisc mq
master bond0 state UP qlen 1000
link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff
3: eno2:  mtu 1500 qdisc mq
master bond0 state UP qlen 1000
link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff
4: eno3:  mtu 1500 qdisc mq
master bond1 state UP qlen 1000
link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff
5: eno4:  mtu 1500 qdisc mq
master bond1 state UP qlen 1000
link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff
6: eno5:  mtu 1500 qdisc mq master
Development state UP qlen 1000
link/ether 00:21:5a:9b:ba:95 brd ff:ff:ff:ff:ff:ff
7: eno6:  mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:21:5a:9b:ba:97 brd ff:ff:ff:ff:ff:ff
8: bond0:  mtu 1500 qdisc
noqueue master ovirtmgmt state UP
link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff
9: bond1:  mtu 1500 qdisc
noqueue state UP
link/ether 00:21:5a:9b:ba:91 brd ff:ff:ff:ff:ff:ff
inet 172.25.44.57/22 brd 172.25.47.255 scope global bond1
   valid_lft forever preferred_lft forever
10: ;vdsmdummy;:  mtu 1500 qdisc noop state DOWN
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
12: ovirtmgmt:  mtu 1500 qdisc noqueue state UP
link/ether 00:21:5a:9b:ba:8d brd ff:ff:ff:ff:ff:ff
inet 10.5.12.48/22 brd 10.5.15.255 scope global ovirtmgmt
   valid_lft forever preferred_lft forever
31: Development:  mtu 1500 qdisc
noqueue state UP
link/ether 00:21:5a:9b:ba:95 brd ff:ff:ff:ff:ff:ff
inet 10.5.30.12/22 brd 10.5.31.255 scope global Development
   valid_lft forever preferred_lft forever
32: vnet0:  mtu 1500 qdisc pfifo_fast
master Development state UNKNOWN qlen 500
link/ether fe:1a:4a:16:01:51 brd ff:ff:ff:ff:ff:ff


> brctl show


bridge name bridge id   STP enabled interfaces
;vdsmdummy; 8000.   no
Development8000.00215a9bba95   no  eno5
vnet0
ovirtmgmt   8000.00215a9bba8d   no  bond0


> vdsClient -s 0 getVdsCaps
>

HBAInventory = {'FC': [{'model': '554FLB - HP FlexFabric 10Gb
2-port 

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Edward Haas]

On Mon, Sep 12, 2016 at 3:14 PM, Luca 'remix_tj' Lorenzetto <
lorenzetto.l...@gmail.com> wrote:

> On Mon, Sep 12, 2016 at 2:11 PM, Colin Coe  wrote:
> > So is the problem getting traffic between two different VLANs working?
> If
> > so, have you double checked your routing?
>
> No, the issue is that VM cannot still ping the gateway of it's own network.
>
> Resuming:
>
> VM can ping the host interface assigned to the logical network (eno5)
> VM cannot ping gateway
>
> Host can ping gateway and VM
>
> External machine (e.g. gateway) cannot ping VM
> External machine can ping the host interface assigned to the logical
> network (eno5)
>

I may be missing something here, and a diagram would have helped.
Assuming this is your setup, see how vlan tagging matters and translates to
the network:

[pc]---[switch][eno5]-[eno5.828][bridge][vNIC -
regular iface, no vlan]

In this setup, eno5 and eno5.828 should not have any IP defined, that is
not legal. You need the address on the bridge.
And you are not suppose to add it manually, but set it through Engine.
Based on your description, setting an address on eno5, means that your
gw/pc is not residing on a VLAN, or you have no trunk between eno
to it.
Perhaps it will be better to just add here the output of from the host:
ip addr
brctl show
vdsClient -s 0 getVdsCaps

and fix the data flow diagram if it is not correct.


>
> --
> "E' assurdo impiegare gli uomini di intelligenza eccellente per fare
> calcoli che potrebbero essere affidati a chiunque se si usassero delle
> macchine"
> Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)
>
> "Internet è la più grande biblioteca del mondo.
> Ma il problema è che i libri sono tutti sparsi sul pavimento"
> John Allen Paulos, Matematico (1945-vivente)
>
> Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , <
> lorenzetto.l...@gmail.com>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Luca 'remix_tj' Lorenzetto]

On Mon, Sep 12, 2016 at 2:11 PM, Colin Coe  wrote:
> So is the problem getting traffic between two different VLANs working?  If
> so, have you double checked your routing?

No, the issue is that VM cannot still ping the gateway of it's own network.

Resuming:

VM can ping the host interface assigned to the logical network (eno5)
VM cannot ping gateway

Host can ping gateway and VM

External machine (e.g. gateway) cannot ping VM
External machine can ping the host interface assigned to the logical
network (eno5)

-- 
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)

"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)

Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Colin Coe]

So is the problem getting traffic between two different VLANs working?  If
so, have you double checked your routing?

On Mon, Sep 12, 2016 at 8:09 PM, Luca 'remix_tj' Lorenzetto <
lorenzetto.l...@gmail.com> wrote:

> On Mon, Sep 12, 2016 at 2:08 PM, Colin Coe  wrote:
> > I've been using RHEV with HP virtual connect (currently C7000 with
> > Flex10/10D, previously C3000 With Flex10) for years now, mostly without
> > problems.
> >
> > The switch port that connects the virtual connect environment to the
> rest of
> > your network, is it configured as a trunk and is VLAN 828 allowed?
>
> Yes. The issue is not related to VC, because traffic for that VLAN
> flows in and out without problems.
>
> --
> "E' assurdo impiegare gli uomini di intelligenza eccellente per fare
> calcoli che potrebbero essere affidati a chiunque se si usassero delle
> macchine"
> Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)
>
> "Internet è la più grande biblioteca del mondo.
> Ma il problema è che i libri sono tutti sparsi sul pavimento"
> John Allen Paulos, Matematico (1945-vivente)
>
> Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , <
> lorenzetto.l...@gmail.com>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Luca 'remix_tj' Lorenzetto]

On Mon, Sep 12, 2016 at 2:08 PM, Colin Coe  wrote:
> I've been using RHEV with HP virtual connect (currently C7000 with
> Flex10/10D, previously C3000 With Flex10) for years now, mostly without
> problems.
>
> The switch port that connects the virtual connect environment to the rest of
> your network, is it configured as a trunk and is VLAN 828 allowed?

Yes. The issue is not related to VC, because traffic for that VLAN
flows in and out without problems.

-- 
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)

"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)

Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Colin Coe]

I've been using RHEV with HP virtual connect (currently C7000 with
Flex10/10D, previously C3000 With Flex10) for years now, mostly without
problems.

The switch port that connects the virtual connect environment to the rest
of your network, is it configured as a trunk and is VLAN 828 allowed?

On Mon, Sep 12, 2016 at 8:01 PM, Luca 'remix_tj' Lorenzetto <
lorenzetto.l...@gmail.com> wrote:

> On Mon, Sep 12, 2016 at 9:44 AM, Luca 'remix_tj' Lorenzetto
>  wrote:
>
> > I did also the same using the ovirtmgmt logical network and i'm
> > experiencing the same problem.
>
> Did some other investigation, with new findings. Tried using a CirrOS
> image to eliminate possible issues on the VM. Ping is still broken.
> Making some bridge troubleshooting i found out that:
>
> arp request is sent by the VM
> arp request is forwarded by the "Development" bridge
> arp reply is sent by the router 10.5.31.254 back to the bridge.
> arp reply is NOT FORWARDED to the VM.
>
> This is a strange behaviour of the bridge. Maybe i'm missing some
> sysctl configurations.
>
> Luca
>
> --
> "E' assurdo impiegare gli uomini di intelligenza eccellente per fare
> calcoli che potrebbero essere affidati a chiunque se si usassero delle
> macchine"
> Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)
>
> "Internet è la più grande biblioteca del mondo.
> Ma il problema è che i libri sono tutti sparsi sul pavimento"
> John Allen Paulos, Matematico (1945-vivente)
>
> Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , <
> lorenzetto.l...@gmail.com>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Luca 'remix_tj' Lorenzetto]

On Mon, Sep 12, 2016 at 2:01 PM, Luca 'remix_tj' Lorenzetto
 wrote:
[cut]
> Making some bridge troubleshooting i found out that:
>
> arp request is sent by the VM
> arp request is forwarded by the "Development" bridge
> arp reply is sent by the router 10.5.31.254 back to the bridge.
> arp reply is NOT FORWARDED to the VM.

Forgot to say that setting static arp entry for the ip of the gw on
the VM gave the ability to ping successfully the gateway.

I'm now investigating further on bridge.

Luca



-- 
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)

"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)

Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Luca 'remix_tj' Lorenzetto]

On Mon, Sep 12, 2016 at 9:44 AM, Luca 'remix_tj' Lorenzetto
 wrote:

> I did also the same using the ovirtmgmt logical network and i'm
> experiencing the same problem.

Did some other investigation, with new findings. Tried using a CirrOS
image to eliminate possible issues on the VM. Ping is still broken.
Making some bridge troubleshooting i found out that:

arp request is sent by the VM
arp request is forwarded by the "Development" bridge
arp reply is sent by the router 10.5.31.254 back to the bridge.
arp reply is NOT FORWARDED to the VM.

This is a strange behaviour of the bridge. Maybe i'm missing some
sysctl configurations.

Luca

-- 
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)

"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)

Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Luca 'remix_tj' Lorenzetto]

On Sun, Sep 11, 2016 at 7:32 PM, Edward Haas  wrote:
>
> This means you have a trunk set on the switch port connected to eno5, right?

I'm using HP Virtual Connect and i configured the interface as
"Multiple Networks". On that interface i can list the VLANs that i
need on the specific interface. If required i can flag one of these
VLANs as native.

At the moment the setup is this:

on eno5 interface is set as "Multiple Networks". Only one network
added, which is the VLAN 828. That VLAN is set as 828, so you can
communicate over that network without specifying VLAN id.



> I would recommend setting an IP address to the 'Development' network in the
> same subnet
> so you could check if your VM can reach it and if you can reach from it to
> the router.
> Then you will have a better understanding where is the problem.
>

Added on eno5 the IP 10.5.30.12, with router settings.

From my PC i can ping that IP

remixtj@remixtj:~$ ping 10.5.30.12
PING 10.5.30.12 (10.5.30.12) 56(84) bytes of data.
64 bytes from 10.5.30.12: icmp_seq=2 ttl=61 time=4.09 ms
64 bytes from 10.5.30.12: icmp_seq=3 ttl=61 time=0.478 ms
64 bytes from 10.5.30.12: icmp_seq=4 ttl=61 time=0.415 ms

On the VM same. The ip is pingable.

I did also the same using the ovirtmgmt logical network and i'm
experiencing the same problem.

Luca

-- 
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)

"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)

Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Edward Haas]

On Fri, Sep 9, 2016 at 2:05 PM, Luca 'remix_tj' Lorenzetto <
lorenzetto.l...@gmail.com> wrote:

> On Fri, Sep 9, 2016 at 12:49 PM, Edward Haas  wrote:
>
> >
> >
> > Can you please elaborate on what address you assigned to the VM and
> > to what address did you tried to ping?
>
>
> I can explain more how is the network setup:
>
> i have a vlan with vlan id 828. The addressing assigned to this vlan
> is 10.5.28.0/22.
> Gateway is 10.5.31.254
>
> My VM has ip 10.5.28.211 and is pinging the default gateway (10.5.31.254).
>
> Logical network "Development" is connected to the interface eno5 and
> has no ip address.
>
> What i get on the vm is Destination Host Unreachable, and arp -an
> shows 10.5.31.254 as incomplete.
>
> It's a clear sign of network isolation.
>
> Luca
>
>
This means you have a trunk set on the switch port connected to eno5, right?
I would recommend setting an IP address to the 'Development' network in the
same subnet
so you could check if your VM can reach it and if you can reach from it to
the router.
Then you will have a better understanding where is the problem.
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Luca 'remix_tj' Lorenzetto]

On Fri, Sep 9, 2016 at 12:49 PM, Edward Haas  wrote:

>
>
> Can you please elaborate on what address you assigned to the VM and
> to what address did you tried to ping?


I can explain more how is the network setup:

i have a vlan with vlan id 828. The addressing assigned to this vlan
is 10.5.28.0/22.
Gateway is 10.5.31.254

My VM has ip 10.5.28.211 and is pinging the default gateway (10.5.31.254).

Logical network "Development" is connected to the interface eno5 and
has no ip address.

What i get on the vm is Destination Host Unreachable, and arp -an
shows 10.5.31.254 as incomplete.

It's a clear sign of network isolation.

Luca

-- 
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)

"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)

Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Edward Haas]

On Fri, Sep 9, 2016 at 11:50 AM, Luca 'remix_tj' Lorenzetto <
lorenzetto.l...@gmail.com> wrote:

> Hello Marcin,
>
> iptables -L is clean, default policy accept. Iptables and firewalld
> has been stopped.
>
> I'm not able to find out what's happening.
>
> Luca
>
> On Fri, Sep 9, 2016 at 10:37 AM, Marcin Mirecki 
> wrote:
> > Hello Luca,
> >
> > The description of your setup seems to be correct.
> > Can you please disable firewalld and iptables just to make sure this is
> not the cause.
> > I'll try to recreate and see what the possible causes can be.
> >
> > Thanks,
> > Marcin
> >
> >
> > - Original Message -
> >> From: "Luca 'remix_tj' Lorenzetto" 
> >> To: users@ovirt.org
> >> Sent: Thursday, September 8, 2016 5:44:27 PM
> >> Subject: [ovirt-users] [ovirt 3.6] Logical network not working
> >>
> >> Hello,
> >>
> >> i'm new to ovirt and i did some months ago a setup of ovirt 3.6 for
> >> playing. My setup is composed by two physical hosts with 6 nic each
> >> and another machine hosting the engine. All hosts are running RHEL 7.2
> >>
> >> Setup went well, no problems. I've been able to convert the kvm image
> >> provided by redhat and have it running on ovirt.
> >>
> >> Then i decided to configure a new network in addition to the
> >> ovirtmgmt. I went to networks, i created the logical network called
> >> Development and set the flag "Enable VLAN Tagging" and inserted the
> >> vlan tag.
> >> Once created the logical network i went to each host and did setup
> >> network and assigned the logical network to the interface where the
> >> vlan is connected. The interface is configured with bootproto=none, so
> >> no IP has been assigned to the eno5.828 that appeared after assigning
> >> logical network.
> >>
> >> I started then a vm and connected to the vNIC "Develoment/Development"
> >> and assigned an IP. But networking is not working: no ping, no traffic
> >> visible with tcpdump.
>

Can you please elaborate on what address you assigned to the VM and
to what address did you tried to ping?


> >>
> >> I tested the single interfaces on the hosts and where the logical
> >> network is connected with tcpdump (both eno5 and eno5.828) i see tons
> >> of broadcast traffic of that interface.
> >>
> >> With brctl-show i see that assigned to the bridge Development there
> >> are both eno5.828 and vnic0.
> >>
> >> Any way to understand what's happening and why traffic is not passing?
> >>
> >> Thank you
> >>
> >> Luca
> >>
> >> --
> >> "E' assurdo impiegare gli uomini di intelligenza eccellente per fare
> >> calcoli che potrebbero essere affidati a chiunque se si usassero delle
> >> macchine"
> >> Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)
> >>
> >> "Internet è la più grande biblioteca del mondo.
> >> Ma il problema è che i libri sono tutti sparsi sul pavimento"
> >> John Allen Paulos, Matematico (1945-vivente)
> >>
> >> Luca 'remix_tj' Lorenzetto, http://www.remixtj.net ,
> >> 
> >> ___
> >> Users mailing list
> >> Users@ovirt.org
> >> http://lists.ovirt.org/mailman/listinfo/users
> >>
>
>
>
> --
> "E' assurdo impiegare gli uomini di intelligenza eccellente per fare
> calcoli che potrebbero essere affidati a chiunque se si usassero delle
> macchine"
> Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)
>
> "Internet è la più grande biblioteca del mondo.
> Ma il problema è che i libri sono tutti sparsi sul pavimento"
> John Allen Paulos, Matematico (1945-vivente)
>
> Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , <
> lorenzetto.l...@gmail.com>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Luca 'remix_tj' Lorenzetto]

On Fri, Sep 9, 2016 at 11:08 AM, Marcin Mirecki  wrote:
> Luca,
>
> Have you tried adding a network with no VLAN? Can you try adding
> another network the same way, but with no VLAN?
> This could help us to establish the cause of the problem (vlan or other).
>


Hello,

i'll try again, but i already did the same test with the vlan set as
native on the interface and configured the Logical Network without
vlan. The only difference was that firewall was up.

Luca


-- 
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)

"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)

Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] [ovirt 3.6] Logical network not working

[Marcin Mirecki]

Hello Luca,

The description of your setup seems to be correct.
Can you please disable firewalld and iptables just to make sure this is not the 
cause.
I'll try to recreate and see what the possible causes can be.

Thanks,
Marcin


- Original Message -
> From: "Luca 'remix_tj' Lorenzetto" 
> To: users@ovirt.org
> Sent: Thursday, September 8, 2016 5:44:27 PM
> Subject: [ovirt-users] [ovirt 3.6] Logical network not working
> 
> Hello,
> 
> i'm new to ovirt and i did some months ago a setup of ovirt 3.6 for
> playing. My setup is composed by two physical hosts with 6 nic each
> and another machine hosting the engine. All hosts are running RHEL 7.2
> 
> Setup went well, no problems. I've been able to convert the kvm image
> provided by redhat and have it running on ovirt.
> 
> Then i decided to configure a new network in addition to the
> ovirtmgmt. I went to networks, i created the logical network called
> Development and set the flag "Enable VLAN Tagging" and inserted the
> vlan tag.
> Once created the logical network i went to each host and did setup
> network and assigned the logical network to the interface where the
> vlan is connected. The interface is configured with bootproto=none, so
> no IP has been assigned to the eno5.828 that appeared after assigning
> logical network.
> 
> I started then a vm and connected to the vNIC "Develoment/Development"
> and assigned an IP. But networking is not working: no ping, no traffic
> visible with tcpdump.
> 
> I tested the single interfaces on the hosts and where the logical
> network is connected with tcpdump (both eno5 and eno5.828) i see tons
> of broadcast traffic of that interface.
> 
> With brctl-show i see that assigned to the bridge Development there
> are both eno5.828 and vnic0.
> 
> Any way to understand what's happening and why traffic is not passing?
> 
> Thank you
> 
> Luca
> 
> --
> "E' assurdo impiegare gli uomini di intelligenza eccellente per fare
> calcoli che potrebbero essere affidati a chiunque se si usassero delle
> macchine"
> Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)
> 
> "Internet è la più grande biblioteca del mondo.
> Ma il problema è che i libri sono tutti sparsi sul pavimento"
> John Allen Paulos, Matematico (1945-vivente)
> 
> Luca 'remix_tj' Lorenzetto, http://www.remixtj.net ,
> 
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
> 
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users