Try virsh nwfilter-edit no-other-l2-traffic and set it to accept, see if
it solves your problem. Might have to restart the VM or libvirtd.
---
Sent from the Delta quadrant using Borg technology!
On 2019-12-03 17:18, Fariborz Navidan wrote:
Any idea on this?
On Sat, Nov 30, 2019 at 1:15 AM Fariborz Navidan
<mdvlinqu...@gmail.com>
wrote:
I just ran "virsh nwfilter-list" following table shows multicast and
mac
and arp spoofing is not allowed. I guess this is why each IP is
constrained
with it's vnet MAC address and does not allow floating IP addresses.
[root@fr-kvm1 ~]# virsh nwfilter-list
UUID Name
------------------------------------------------------------------
906f8af9-317a-47be-8568-83d83fda3187 allow-arp
6a3bee5a-272c-4f9c-ba89-7661529740a2 allow-dhcp
74efaf38-e4ce-4550-a79f-b9df5eec74bf allow-dhcp-server
011fc636-4f6c-48cc-a4dd-efe962c9cc8e allow-incoming-ipv4
30ca1846-10ae-4e1e-bf55-a54371d69d8b allow-ipv4
529466c5-0a94-4908-a0b2-c13c3b3bbc82 clean-traffic
7a5c405e-3b9c-4ac7-a330-67a18a1a4701 clean-traffic-gateway
c7e311be-715b-4d77-9b31-f1f4504abb1f no-arp-ip-spoofing
c6a902a9-b9fa-45c1-9e04-1889f20f1d30 no-arp-mac-spoofing
fce5536f-a2d2-4360-a2c9-b697b4cc2054 no-arp-spoofing
ced96d59-f7d5-4393-853d-9b11ed7afda8 no-ip-multicast
d77ac888-14ff-485a-8093-7be87a2ba46b no-ip-spoofing
a1f14101-78c3-4fad-ba1e-f54e30ba48ae no-mac-broadcast
37b3dfcf-de29-48ad-8826-1e3621c728a3 no-mac-spoofing
c16752f2-8f0c-401f-9275-f5e6d5b9de01 no-other-l2-traffic
3b44715b-b542-4aea-97c2-9dd6c5f2ea44 no-other-rarp-traffic
c93e46c2-5a32-40b7-acd9-47872a01b312 qemu-announce-self
a30e079a-fe7d-4efb-ae8e-d822f4135180 qemu-announce-self-rarp
On Wed, Nov 27, 2019 at 3:18 PM Fariborz Navidan
<mdvlinqu...@gmail.com>
wrote:
Any idea?
On Tue, Nov 26, 2019 at 6:12 PM Fariborz Navidan
<mdvlinqu...@gmail.com>
wrote:
Hello,
I want to be able to use a single secondary IP on two or more VMs
but
secondary IPs only work on the VM it belongs to it. For this work, I
guess
promiscuous mode and/or forged transmits should be enabled on the
network.
For this I have modified the DB table network_offering_details and
then
restarted the network but it still does not work.
When I reserve an IP on a VM and set it on the guest using command
"ip
addr ad ...", it is reachable and works fine but if I delete the ip
from
that guest and add it to another guest which secondary IP was not
reserved
for, it is not reachable using this IP. It means looks like MAC
addresses
are somehow bound to NIC MAC address.
I should notice tat I am running an advanced zone and shared
network.and
security groups are enabled. Default egress policy is "Allow" and
all
tcp/udp/icmp ingress traffic is allowed in the security groups.
But I am still not able to make a shared IP floating.
Please guide me through the right way.
Thanks
