Re: DHCP instance/vm issue

Tue, 09 Jul 2019 08:16:42 -0700 

My vm was assigned an ip from our endpoint DHCP server, not from VR. Do I
need to add firewall rule(s) to force DHCP request to VR? I probably missed
a part of setup w/KVM hosts and or within management when I defined the
zone/pod/...

This seems to be correct, VR is running on a different host then the vm.

Chain i-2-11-VM-eg (1 references)
 pkts bytes target     prot opt in     out     source
destination
    0     0 RETURN     all  --  *      *       0.0.0.0/0
0.0.0.0/0

Chain i-2-11-def (2 references)
 pkts bytes target     prot opt in     out     source
destination
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0
0.0.0.0/0            state RELATED,ESTABLISHED
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0
0.0.0.0/0            PHYSDEV match --physdev-in vnet0 --physdev-is-bridged
udp spt:68 dpt:67
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0
0.0.0.0/0            PHYSDEV match --physdev-out vnet0 --physdev-is-bridged
udp spt:67 dpt:68
    0     0 DROP       all  --  *      *       0.0.0.0/0
0.0.0.0/0            PHYSDEV match --physdev-in vnet0 --physdev-is-bridged
! match-set i-2-11-VM src
    0     0 RETURN     udp  --  *      *       0.0.0.0/0
0.0.0.0/0            PHYSDEV match --physdev-in vnet0 --physdev-is-bridged
match-set i-2-11-VM src udp dpt:53
    0     0 RETURN     tcp  --  *      *       0.0.0.0/0
0.0.0.0/0            PHYSDEV match --physdev-in vnet0 --physdev-is-bridged
match-set i-2-11-VM src tcp dpt:53
    0     0 i-2-11-VM-eg  all  --  *      *       0.0.0.0/0
0.0.0.0/0            PHYSDEV match --physdev-in vnet0 --physdev-is-bridged
match-set i-2-11-VM src
   15  1963 i-2-11-VM  all  --  *      *       0.0.0.0/0
0.0.0.0/0            PHYSDEV match --physdev-out vnet0 --physdev-is-bridged



Thanks for quick response Andrija!

-  Jesse




On Tue, Jul 9, 2019 at 10:39 AM Andrija Panic <[email protected]>
wrote:

> ACS will only offer DHCP leases to its VMs, via DHCP reservation.. If you
> have another DHCP server in your area, than it might be quicker to offer a
> lease to a VM. You have to either remove your non-ACS DHCP server
> completely, OR make sure it uses reservation for non-ACS servers/hosts i.e.
> NOT let it issue leases freely to anyone who asks for it. Pure DHCP
> "problem" - i.e. nothing to do with ACS specifically.
>
> Best,
> Andrija
>
> On Tue, Jul 9, 2019, 20:27 <[email protected]> wrote:
>
> > Have a DHCP issue where vm pulls from ACS proxy properly sometimes and
> > other when it pulls from our normal dhcp server for end-points.
> >
> > Network layout is flat, and I ACS is using basic network with security
> > groups. IP range for acs is  within range of our normal network so vms
> and
> > endpoints will flow without additional hardware. How do I ensure dhcp
> > requests are served by router vm and not our normal dhcp server?
> >
> > TIA,
> >   Jesse
> >
>

Reply via email to