On Tue, Nov 21, 2017 at 6:16 PM, Edward Clay <edward.c...@uk2group.com> wrote:
> > On Tue, 2017-11-21 at 09:00 +0200, Edward Haas wrote: > > > > On Tue, Nov 21, 2017 at 1:24 AM, Edward Clay <edward.c...@uk2group.com> > wrote: > > Hello, > > We have an issue where hosts are configured with the public facing nework > interface as the ovirtmgmt network and it's default route is added to a > ovirt created table but not to the main routing table. From my searching > I've found this snippet from https://www.ovirt.org/develop/ > release-management/features/network/multiple-gateways/ which seems to > explain why I can't ping anything or communicate with any other system > needing a default route. > > > By default, the default route is set on the ovirtmgmt network (the default > one, defined on the interface/ip which you added the host to Engine). > Do you have a different network set up which you will like to set the > default route on? > > > > "And finally, here's the host's main routing table. Any traffic coming in > to the host will use the ip rules and an interface's routing table. The > main routing table is only used for traffic originating from the host." > > I'm seeing the following main and custom ovirt created tables. > > main: > # ip route show table main > 10.0.0.0/8 via 10.4.16.1 dev enp3s0.106 > 10.4.16.0/24 dev enp3s0.106 proto kernel scope link src 10.4.16.15 > 1.1.1.0/24 dev PUBLICB proto kernel scope link src 1.1.1.1 169.254.0.0/16 > dev enp6s0 scope link metric 1002 > 169.254.0.0/16 dev enp3s0 scope link metric 1003 > 169.254.0.0/16 dev enp7s0 scope link metric 1004 > 169.254.0.0/16 dev enp3s0.106 scope link metric 1020 > 169.254.0.0/16 dev PRIVATE scope link metric 1022 > 169.254.0.0/16 dev PUBLIC scope link metric 1024 > > table 1138027711 > # ip route show table 1138027711 > default via 1.1.1.1 dev PUBLIC > 1.1.1.0/24 via 1.1.1.1 dev PUBLIC > > If I manually execute the following command to add the default route as > well to the main table I can ping ouside of the local network. > > ip route add 0.0.0.0/0 via 1.1.1.1 dev PUBLIC > > If I attempt to modify the /etc/sysconfig/network-scripts/route-PUBLIC ad > reboot the server ad one would think this file is recreated by vdsm on boot. > > What I'm looking for is the correct way to setup a default gateway for the > main routing table so the hosts can get OS updates and communicate with the > outside world. > > > Providing the output from "ip addr" may help clear up some things. > It looks like you have on the host the default route set as 10.4.16.1 (on > enp3s0.106), could you elaborate what this interface is? > > > We have setup vlan taging to utilize the 2 internetal network interfaces > (originally enp6s0 and enp7s0) to be configured with mulitiple networks > each. We eventually added 10Gb nics to all servers to improve san glusterfs > performance which is enp3s0 which replaced enp6s0 in our setup. > > enp3s0.106 = ovirtmgmt network access to private internal networks only > enp3s0.206 = private network bridge PRIVATE used for private internal > network access for VMs > enp7s0.606 = is used for public access for both VMs (bridge) and each > host/cp/san in our ovirt setup named PUBLIC > > # ip addr show > 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > inet 127.0.0.1/8 scope host lo > valid_lft forever preferred_lft forever > inet6 ::1/128 scope host > valid_lft forever preferred_lft forever > 2: enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast > state UP qlen 1000 > link/ether 00:25:90:38:d6:2c brd ff:ff:ff:ff:ff:ff > inet6 fe80::225:90ff:fe38:d62c/64 scope link > valid_lft forever preferred_lft forever > 3: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP > qlen 1000 > link/ether 90:e2:ba:1d:a4:00 brd ff:ff:ff:ff:ff:ff > inet6 fe80::92e2:baff:fe1d:a400/64 scope link > valid_lft forever preferred_lft forever > 4: enp7s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast > state UP qlen 1000 > link/ether 00:25:90:38:d6:2d brd ff:ff:ff:ff:ff:ff > 20: enp3s0.106@enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc > noqueue state UP qlen 1000 > link/ether 90:e2:ba:1d:a4:00 brd ff:ff:ff:ff:ff:ff > inet 10.4.16.15/24 brd 10.4.16.255 scope global enp3s0.106 > valid_lft forever preferred_lft forever > 21: enp3s0.206@enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc > noqueue master PRIVATEB state UP qlen 1000 > link/ether 90:e2:ba:1d:a4:00 brd ff:ff:ff:ff:ff:ff > 22: PRIVATE: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue > state UP qlen 1000 > link/ether 90:e2:ba:1d:a4:00 brd ff:ff:ff:ff:ff:ff > 23: enp7s0.606@enp7s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc > noqueue master PUBLICB state UP qlen 1000 > link/ether 00:25:90:38:d6:2d brd ff:ff:ff:ff:ff:ff > 24: PUBLIC: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue > state UP qlen 1000 > link/ether 00:25:90:38:d6:2d brd ff:ff:ff:ff:ff:ff > inet 1.1.1.10/24 brd 1.1.1.255 scope global PUBLICB > valid_lft forever preferred_lft forever > 25: ;vdsmdummy;: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen > 1000 > link/ether 0e:32:93:dd:a4:55 brd ff:ff:ff:ff:ff:ff > > > So all this being said I just need to reconfigure things in a way that the > PUBLIC interface has a default route in the main routing table. Otherwise > all ovirt host are unable to communicate with the outside world until I > manually add a default route to 1.1.1.1 via the PUBLIC interface. Is that > possible. > It is available in oVirt 4.2 as a network cluster role. The option to assign a default route role to a network: https://www.ovirt.org/documentation/admin-guide/chap-Logical_Networks/#designate-a-specific-traffic-type-for-a-logical-network-with-the-manage-networks-window On 4.1, it is available as a network custom property and its support is limited: See https://bugzilla.redhat.com/show_bug.cgi?id=1200963#c43 and https://gerrit.ovirt.org/#/c/66127 Make sure you do not define two networks with the flag on. > > Thanks, > Edy. > > > _______________________________________________ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > > > -- > > Edward Clay > Systems Adminstrator > UK2 Group -- US Operations > Phone: 1-800-222-2165 <%28800%29%20222-2165> > E-Mail: edward.c...@uk2group.com >
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users