On Mon, Oct 30, 2017 at 8:45 AM, Istvan Buki <buki.ist...@gmail.com> wrote: > Hello, > > thank you for your patience for trying to let me see the light. > > Indeed I don't understand what you are explaining. Maybe if I give you more > concrete details it will help. > > My internal network is 192.168.196.0 > My DMZ network is 192.168.188.0 > > ovirt-engine is running on a centos server with IP 192.168.186.3 > ovirt host is on a centos server with IP 192.168.186.4 > > On the host I created a VM that I want to be in the DMZ. When I created the > VM, nic 1 was automatically added and is linked to the ovirtmgmt network. > In the VM nic1 becomes eth0 and was assigned an IP address with DHCP > 192.168.186.167. > > After that I added a host device to that VM using passthrough. This device > is called ens7 in the VM and I gave IP 192.186.188.4. > That device is directly connected to my physical DMZ switch and from there > to the firewall. > This part is OK. > > My problem is that through eth0 my VM has access to my internal network. > Removing the device seems impossible because this is ovirtmgmt network. > I can not change or remove the IP of my host because it would not be > reachable anymore on my internal network. > > Maybe the solution is obvious but I can't see it. I'm running in circle with > this problem and it makes me crazy. >
Hi Istvan, why are you using device passthrough? Anyway. If you don't need the VM to access to ovirtmgmt, remove nic1. As far as i can understand, you're directly communicating through DMZ. Luca -- "E' assurdo impiegare gli uomini di intelligenza eccellente per fare calcoli che potrebbero essere affidati a chiunque se si usassero delle macchine" Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716) "Internet è la più grande biblioteca del mondo. Ma il problema è che i libri sono tutti sparsi sul pavimento" John Allen Paulos, Matematico (1945-vivente) Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , <lorenzetto.l...@gmail.com> _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users