On Tue, Feb 2, 2021 at 10:06 AM David Johnson <djohn...@maxistechnology.com> wrote:
> Good morning Ales, > > Thank you for your response. > > At this point, while I believe I have marked the networks as required, I > am hesitant to assume that they are marked because I don't understand for > sure which pieces I don't understand. > > Unfortunately, what I am missing is a number of random bits and pieces > that tie everything together. > > I have fought with the networking on this cluster for over a week. The > network configuration was so messed up it was faster and cleaner to wipe > the cluster completely and start from scratch, and I just finished a clean > reinstallation. > > Now that it's back up and I understand it better, the VM's on VLAN's are > still unable to reach beyond themselves - they cannot even ping the host > they are on. > > Rather than try to address it symptom by symptom, I would like to get a > solid overview of how the different pieces tie together. Unfortunately, in > the official documentation, all I found was which buttons to push to edit > the vlan, with nothing that addresses how the different pieces are wired > together. > > My understanding of the architecture is: > > VM -> vNIC -> virtual switch -> physical NIC -> external network -> > gateway -> internet > When you create a tagged network, the scheme changes a bit: VM -> vNIC -> BRIDGE -> NIC.tag -> NIC -> switch All the VM traffic will get tagged this way, and the switch port should be in trunk mode allowing tagged traffic through. > > What I don't understand is how to determine at which point in the > architecture the configuration is wrong, when the only symptom I have for > sure right now is that my VM's on a VLAN won't ping the host or anything on > the external network. > > At one point everything was working as expected, briefly, before the whole > thing came crashing down, so the external network is at least mostly > configured. > > On Tue, Feb 2, 2021, 12:20 AM Ales Musil <amu...@redhat.com> wrote: > >> >> >> On Tue, Feb 2, 2021 at 6:18 AM David Johnson < >> djohn...@maxistechnology.com> wrote: >> >>> Good morning all, >>> >>> On my ovirt 4.4.4 cluster, I am trying to use VLan's to separate VM's >>> for security purposes. >>> >>> Is there a usable how-to document that describes how to configure the >>> vlan's so they actually function without taking the host into >>> non-operational mode? >>> >>> Thank you in advance. >>> >>> Regards, >>> David Johnson >>> >>> _______________________________________________ >>> Users mailing list -- users@ovirt.org >>> To unsubscribe send an email to users-le...@ovirt.org >>> Privacy Statement: https://www.ovirt.org/privacy-policy.html >>> oVirt Code of Conduct: >>> https://www.ovirt.org/community/about/community-guidelines/ >>> List Archives: >>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/IYPORJKHTSVTYTTRGWIW3V2MF5CFZ6DC/ >>> >> >> Hello, >> >> I assume that you have marked those networks as required. This is handy >> to make sure that all hosts in a cluster have this network attached. >> Which implies that the host is considered non operational until you >> assign all required networks. >> >> To avoid this you can uncheck it for a new network in the cluster tab of >> the "New Logical Network" window. For existing go to >> Compute -> Clusters -> $YOUR_CLUSTER -> Logical Networks -> Manage >> Networks and uncheck required for the affected network. >> This can be always changed back. >> >> Hopefully this helps. >> Regards, >> Ales >> >> >> >> >> -- >> >> Ales Musil >> >> Software Engineer - RHV Network >> >> Red Hat EMEA <https://www.redhat.com> >> >> amu...@redhat.com IM: amusil >> <https://red.ht/sig> >> > _______________________________________________ > Users mailing list -- users@ovirt.org > To unsubscribe send an email to users-le...@ovirt.org > Privacy Statement: https://www.ovirt.org/privacy-policy.html > oVirt Code of Conduct: > https://www.ovirt.org/community/about/community-guidelines/ > List Archives: > https://lists.ovirt.org/archives/list/users@ovirt.org/message/47JUY2NVTCQ76LPCVIAHY7ONYSZV3P5B/ >
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/UY5BJDCRF32UVGMV3QYILY5MIRLYFFVM/