Port security requires subnets. Can you please ensure that you used an external network with port security explicitly disabled? In doubt, please create a new external network with port security explicitly disabled and try again with the new network?
On Tue, Mar 31, 2020 at 2:16 PM Tommaso - Shellrent <tomm...@shellrent.com> wrote: > This is what i've got: > > > > *ovs-vsctl show* > 03a038d4-e81c-45e0-94d1-6f18d6504f1f > Bridge br-int > fail_mode: secure > Port "ovn-765f43-0" > Interface "ovn-765f43-0" > type: geneve > options: {csum="true", key=flow, remote_ip="xxx.169.yy.6"} > Port br-int > Interface br-int > type: internal > Port "vnet1" > Interface "vnet1" > Port "ovn-b33f6e-0" > Interface "ovn-b33f6e-0" > type: geneve > options: {csum="true", key=flow, remote_ip="xxx.169.yy.2"} > Port "vnet3" > Interface "vnet3" > Port "ovn-8678d9-0" > Interface "ovn-8678d9-0" > type: geneve > options: {csum="true", key=flow, remote_ip="xxx.169.yy.8"} > Port "ovn-fdd090-0" > Interface "ovn-fdd090-0" > type: geneve > options: {csum="true", key=flow, remote_ip="xxx.169.yy.4"} > ovs_version: "2.11.0" > > > I suppose that the vnic are: > Port "vnet1" > Interface "vnet1" > Port "vnet3" > Interface "vnet3" > > > > > on the engine: > *ovn-nbctl show* > switch a1f30e99-3ab7-46a4-925d-287871905cab > (ovirt-local_network_definitiva-d58aea97-bb20-4e8f-bcc3-5277754846bb) > port b82f3479-b459-4c26-aff0-053d15c74ddd > addresses: ["56:6f:96:b1:00:4c"] > port 52f09a28-1645-45ff-9b84-1e53a81bb399 > addresses: ["56:6f:96:b1:00:4b"] > > > *ovn-sbctl show* > > Chassis "ab5bdfdd-8df4-4e9b-9ce9-565cfd513a4d" > hostname: "pvt-41f18-002.serverlet.com" > Encap geneve > ip: "aaa.31.bbb.224" > options: {csum="true"} > Port_Binding "b82f3479-b459-4c26-aff0-053d15c74ddd" > Port_Binding "52f09a28-1645-45ff-9b84-1e53a81bb399" > > > Il 31/03/20 13:39, Staniforth, Paul ha scritto: > > The engine runs the controller so ovn-sbctl won't work, on the hosts, use > ovs-vsctl show > > Paul S. > ------------------------------ > *From:* Tommaso - Shellrent <tomm...@shellrent.com> > <tomm...@shellrent.com> > *Sent:* 31 March 2020 12:13 > *To:* Staniforth, Paul <p.stanifo...@leedsbeckett.ac.uk> > <p.stanifo...@leedsbeckett.ac.uk>; users@ovirt.org <users@ovirt.org> > <users@ovirt.org> > *Subject:* Re: [ovirt-users] Local network > > > *Caution External Mail:* Do not click any links or open any attachments > unless you trust the sender and know that the content is safe. > > Hi. > > on engine all seems fine. > > on host the command "ovn-sbctl show" is stuck, and with a strace a se the > following error: > > > connect(5, {sa_family=AF_LOCAL, > sun_path="/var/run/openvswitch/ovnsb_db.sock"}, 37) = -1 ENOENT (No such > file or directory) > > > > > > > Il 31/03/20 11:18, Staniforth, Paul ha scritto: > > > .Hello Tommaso, > on your oVirt engine host run > check the north bridge controller > ovn-nbctl show > this should show a software switch for each ovn logical network witch any > ports that are active( in your case you should have 2) > > check the south bridge controller > ovn-sbctl show > this should show the software switch on each host with a geneve tunnel. > > on each host run > ovs-vsctl show > this should show the virtual switch with a geneve tunnel to each other > host and a port for any active vnics > > Regards, > Paul S. > > ------------------------------ > *From:* Tommaso - Shellrent <tomm...@shellrent.com> > <tomm...@shellrent.com> > *Sent:* 31 March 2020 09:27 > *To:* users@ovirt.org <users@ovirt.org> <users@ovirt.org> > *Subject:* [ovirt-users] Local network > > > *Caution External Mail:* Do not click any links or open any attachments > unless you trust the sender and know that the content is safe. > > Hi to all. > > I'm trying to connect two vm, on the same "local storage" host, with an > internal isolated network. > > My setup; > > VM A: > > - eth0 with an external ip > - eth1, with 1922.168.1.1/24 > > VM B > > - eth0 with an external ip > - eth1, with 1922.168.1.2/24 > > the eth1 interfaces are connetter by a network created on external > provider ovirt-network-ovn , whithout a subnet defined. > > Now, the external ip works fine, but the two vm cannot connect through the > local network > > ping: ko > arping: ko > > > any idea to what to check? > > > Regards > -- > -- > [image: Shellrent - Il primo hosting italiano Security First] > *Tommaso De Marchi* > *COO - Chief Operating Officer* > Shellrent Srl > Via dell'Edilizia, 19 - 36100 Vicenza > Tel. 0444321155 <+390444321155> | Fax 04441492177 > To view the terms under which this email is distributed, please go to:- > http://leedsbeckett.ac.uk/disclaimer/email/ > > -- > -- > [image: Shellrent - Il primo hosting italiano Security First] > *Tommaso De Marchi* > *COO - Chief Operating Officer* > Shellrent Srl > Via dell'Edilizia, 19 - 36100 Vicenza > Tel. 0444321155 <+390444321155> | Fax 04441492177 > To view the terms under which this email is distributed, please go to:- > http://leedsbeckett.ac.uk/disclaimer/email/ > > -- > -- > [image: Shellrent - Il primo hosting italiano Security First] > *Tommaso De Marchi* > *COO - Chief Operating Officer* > Shellrent Srl > Via dell'Edilizia, 19 - 36100 Vicenza > Tel. 0444321155 <+390444321155> | Fax 04441492177 > _______________________________________________ > Users mailing list -- users@ovirt.org > To unsubscribe send an email to users-le...@ovirt.org > Privacy Statement: https://www.ovirt.org/privacy-policy.html > oVirt Code of Conduct: > https://www.ovirt.org/community/about/community-guidelines/ > List Archives: > https://lists.ovirt.org/archives/list/users@ovirt.org/message/Y7KU2IVEHXHX3PB24KLSVSJUSOVH5S62/ >
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/NVFJUV5OF5Z74GQXA6SBF7NFD7CJW6TN/