I have a physical network ovirtmgmt, and a logical network 10-non-prod with the vlan tag of 10 and the network label of 10.
The physical and vlan have both been dragged to the enp0 NIC on the host. What I understand from this is that the bridge has been there all along, but, since I can't ping the host no traffic is crossing it. Host IP's : *192.168.2.18/24 <http://192.168.2.18/24> * and *10.210.100.18/24 <http://10.210.100.18/24>* VLAN IP on host: *10.210.10.18/24 <http://10.210.10.28/24>* Regards, David Johnson On Tue, Feb 2, 2021 at 12:44 PM Dan Yasny <dya...@gmail.com> wrote: > > > On Tue, Feb 2, 2021 at 1:38 PM David Johnson <djohn...@maxistechnology.com> > wrote: > >> Thanks, this is a step closer, but the details are still very sketchy. >> >> Following the instructions at >> https://www.ovirt.org/documentation/administration_guide/#appe-Custom_Network_Properties >> : >> >> If I understand the instructions correctly: >> >> 1. Open the host in the Ovirt UI >> 2. Go to the Network tab >> 3. Select the NIC I want to bridge to >> 4. Click "Setup Host Networks" >> 5. Click the pencil icon on the (host? VLAN?) network >> 6. Choose the Custom Properties tab >> 7. In the Custom Properties (Please Select a key), choose >> "bridge_opts" >> 8. ???? At this point, there is no way to add the keys it looks like >> it needs ??? Total loss ??? >> >> > You need to create a logical network first. Do you have any of those? > Logical networks are where you may add VLAN tags. > > In the hosts' network setup window you simply drag the logical network to > the NIC or bond and save. The VLAN tag and bridge will be created > accordingly on the host > > >> >> Regards, >> David Johnson >> Director of Development, Maxis Technology >> 844.696.2947 ext 702 (o) | 479.531.3590 (c) >> djohn...@maxistechnology.com >> >> >> [image: Maxis Techncology] <http://www.maxistechnology.com> >> www.maxistechnology.com >> >> >> *stay connected <http://www.linkedin.com/in/pojoguy>* >> >> >> On Tue, Feb 2, 2021 at 9:24 AM Dan Yasny <dya...@gmail.com> wrote: >> >>> >>> >>> On Tue, Feb 2, 2021 at 10:20 AM David Johnson < >>> djohn...@maxistechnology.com> wrote: >>> >>>> This is great ... I am missing the bridge (at least). >>>> >>>> Does the bridge reside on the host or the VM? Is it created in the >>>> Ovirt UI, or in the VM operating system? >>>> >>> >>> On the host. Logical networks in oVirt are a virtual construct, >>> translating to a "profile" that gets built on the hosts in the cluster. >>> Essentially, each logical network is a bridge with the same name on the >>> hosts, and if there's a vlan tag, then the interface (or bond) gets tagged, >>> and the bridge is built on top of that tagged interface. VMs are plugged >>> into the bridges and their traffic flows through the bridges to the >>> switches. Very simple really, and there was a KB we published about this >>> about a decade ago. >>> >>> >>>> >>>> Thanks! >>>> >>>> David Johnson >>>> >>>> On Tue, Feb 2, 2021 at 9:16 AM Dan Yasny <dya...@gmail.com> wrote: >>>> >>>>> >>>>> >>>>> On Tue, Feb 2, 2021 at 10:06 AM David Johnson < >>>>> djohn...@maxistechnology.com> wrote: >>>>> >>>>>> Good morning Ales, >>>>>> >>>>>> Thank you for your response. >>>>>> >>>>>> At this point, while I believe I have marked the networks as >>>>>> required, I am hesitant to assume that they are marked because I don't >>>>>> understand for sure which pieces I don't understand. >>>>>> >>>>>> Unfortunately, what I am missing is a number of random bits and >>>>>> pieces that tie everything together. >>>>>> >>>>>> I have fought with the networking on this cluster for over a week. >>>>>> The network configuration was so messed up it was faster and cleaner to >>>>>> wipe the cluster completely and start from scratch, and I just finished a >>>>>> clean reinstallation. >>>>>> >>>>>> Now that it's back up and I understand it better, the VM's on VLAN's >>>>>> are still unable to reach beyond themselves - they cannot even ping the >>>>>> host they are on. >>>>>> >>>>>> Rather than try to address it symptom by symptom, I would like to get >>>>>> a solid overview of how the different pieces tie together. Unfortunately, >>>>>> in the official documentation, all I found was which buttons to push to >>>>>> edit the vlan, with nothing that addresses how the different pieces are >>>>>> wired together. >>>>>> >>>>>> My understanding of the architecture is: >>>>>> >>>>>> VM -> vNIC -> virtual switch -> physical NIC -> external network -> >>>>>> gateway -> internet >>>>>> >>>>> >>>>> When you create a tagged network, the scheme changes a bit: >>>>> VM -> vNIC -> BRIDGE -> NIC.tag -> NIC -> switch >>>>> >>>>> All the VM traffic will get tagged this way, and the switch port >>>>> should be in trunk mode allowing tagged traffic through. >>>>> >>>>> >>>>> >>>>> >>>>>> >>>>>> What I don't understand is how to determine at which point in the >>>>>> architecture the configuration is wrong, when the only symptom I have for >>>>>> sure right now is that my VM's on a VLAN won't ping the host or anything >>>>>> on >>>>>> the external network. >>>>>> >>>>>> At one point everything was working as expected, briefly, before the >>>>>> whole thing came crashing down, so the external network is at least >>>>>> mostly >>>>>> configured. >>>>>> >>>>>> On Tue, Feb 2, 2021, 12:20 AM Ales Musil <amu...@redhat.com> wrote: >>>>>> >>>>>>> >>>>>>> >>>>>>> On Tue, Feb 2, 2021 at 6:18 AM David Johnson < >>>>>>> djohn...@maxistechnology.com> wrote: >>>>>>> >>>>>>>> Good morning all, >>>>>>>> >>>>>>>> On my ovirt 4.4.4 cluster, I am trying to use VLan's to separate >>>>>>>> VM's for security purposes. >>>>>>>> >>>>>>>> Is there a usable how-to document that describes how to configure >>>>>>>> the vlan's so they actually function without taking the host into >>>>>>>> non-operational mode? >>>>>>>> >>>>>>>> Thank you in advance. >>>>>>>> >>>>>>>> Regards, >>>>>>>> David Johnson >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Users mailing list -- users@ovirt.org >>>>>>>> To unsubscribe send an email to users-le...@ovirt.org >>>>>>>> Privacy Statement: https://www.ovirt.org/privacy-policy.html >>>>>>>> oVirt Code of Conduct: >>>>>>>> https://www.ovirt.org/community/about/community-guidelines/ >>>>>>>> List Archives: >>>>>>>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/IYPORJKHTSVTYTTRGWIW3V2MF5CFZ6DC/ >>>>>>>> >>>>>>> >>>>>>> Hello, >>>>>>> >>>>>>> I assume that you have marked those networks as required. This is >>>>>>> handy to make sure that all hosts in a cluster have this network >>>>>>> attached. >>>>>>> Which implies that the host is considered non operational until you >>>>>>> assign all required networks. >>>>>>> >>>>>>> To avoid this you can uncheck it for a new network in the cluster >>>>>>> tab of the "New Logical Network" window. For existing go to >>>>>>> Compute -> Clusters -> $YOUR_CLUSTER -> Logical Networks -> Manage >>>>>>> Networks and uncheck required for the affected network. >>>>>>> This can be always changed back. >>>>>>> >>>>>>> Hopefully this helps. >>>>>>> Regards, >>>>>>> Ales >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> Ales Musil >>>>>>> >>>>>>> Software Engineer - RHV Network >>>>>>> >>>>>>> Red Hat EMEA <https://www.redhat.com> >>>>>>> >>>>>>> amu...@redhat.com IM: amusil >>>>>>> <https://red.ht/sig> >>>>>>> >>>>>> _______________________________________________ >>>>>> Users mailing list -- users@ovirt.org >>>>>> To unsubscribe send an email to users-le...@ovirt.org >>>>>> Privacy Statement: https://www.ovirt.org/privacy-policy.html >>>>>> oVirt Code of Conduct: >>>>>> https://www.ovirt.org/community/about/community-guidelines/ >>>>>> List Archives: >>>>>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/47JUY2NVTCQ76LPCVIAHY7ONYSZV3P5B/ >>>>>> >>>>>
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/537DL37OY54Y7M3RBBW2IAYOTZWAOZ4S/
