Port security requires subnets.
Can you please ensure that you used an external network with port security
explicitly disabled?
In doubt, please create a new external network with port security
explicitly disabled and try again with the new network?
On Tue, Mar 31, 2020 at 2:16 PM Tommaso - Shellrent <tomm...@shellrent.com>
wrote:
> This is what i've got:
>
>
>
> *ovs-vsctl show*
> 03a038d4-e81c-45e0-94d1-6f18d6504f1f
> Bridge br-int
> fail_mode: secure
> Port "ovn-765f43-0"
> Interface "ovn-765f43-0"
> type: geneve
> options: {csum="true", key=flow, remote_ip="xxx.169.yy.6"}
> Port br-int
> Interface br-int
> type: internal
> Port "vnet1"
> Interface "vnet1"
> Port "ovn-b33f6e-0"
> Interface "ovn-b33f6e-0"
> type: geneve
> options: {csum="true", key=flow, remote_ip="xxx.169.yy.2"}
> Port "vnet3"
> Interface "vnet3"
> Port "ovn-8678d9-0"
> Interface "ovn-8678d9-0"
> type: geneve
> options: {csum="true", key=flow, remote_ip="xxx.169.yy.8"}
> Port "ovn-fdd090-0"
> Interface "ovn-fdd090-0"
> type: geneve
> options: {csum="true", key=flow, remote_ip="xxx.169.yy.4"}
> ovs_version: "2.11.0"
>
>
> I suppose that the vnic are:
> Port "vnet1"
> Interface "vnet1"
> Port "vnet3"
> Interface "vnet3"
>
>
>
>
> on the engine:
> *ovn-nbctl show*
> switch a1f30e99-3ab7-46a4-925d-287871905cab
> (ovirt-local_network_definitiva-d58aea97-bb20-4e8f-bcc3-5277754846bb)
> port b82f3479-b459-4c26-aff0-053d15c74ddd
> addresses: ["56:6f:96:b1:00:4c"]
> port 52f09a28-1645-45ff-9b84-1e53a81bb399
> addresses: ["56:6f:96:b1:00:4b"]
>
>
> *ovn-sbctl show*
>
> Chassis "ab5bdfdd-8df4-4e9b-9ce9-565cfd513a4d"
> hostname: "pvt-41f18-002.serverlet.com"
> Encap geneve
> ip: "aaa.31.bbb.224"
> options: {csum="true"}
> Port_Binding "b82f3479-b459-4c26-aff0-053d15c74ddd"
> Port_Binding "52f09a28-1645-45ff-9b84-1e53a81bb399"
>
>
> Il 31/03/20 13:39, Staniforth, Paul ha scritto:
>
> The engine runs the controller so ovn-sbctl won't work, on the hosts, use
> ovs-vsctl show
>
> Paul S.
> ------------------------------
> *From:* Tommaso - Shellrent <tomm...@shellrent.com>
> <tomm...@shellrent.com>
> *Sent:* 31 March 2020 12:13
> *To:* Staniforth, Paul <p.stanifo...@leedsbeckett.ac.uk>
> <p.stanifo...@leedsbeckett.ac.uk>; users@ovirt.org <users@ovirt.org>
> <users@ovirt.org>
> *Subject:* Re: [ovirt-users] Local network
>
>
> *Caution External Mail:* Do not click any links or open any attachments
> unless you trust the sender and know that the content is safe.
>
> Hi.
>
> on engine all seems fine.
>
> on host the command "ovn-sbctl show" is stuck, and with a strace a se the
> following error:
>
>
> connect(5, {sa_family=AF_LOCAL,
> sun_path="/var/run/openvswitch/ovnsb_db.sock"}, 37) = -1 ENOENT (No such
> file or directory)
>
>
>
>
>
>
> Il 31/03/20 11:18, Staniforth, Paul ha scritto:
>
>
> .Hello Tommaso,
> on your oVirt engine host run
> check the north bridge controller
> ovn-nbctl show
> this should show a software switch for each ovn logical network witch any
> ports that are active( in your case you should have 2)
>
> check the south bridge controller
> ovn-sbctl show
> this should show the software switch on each host with a geneve tunnel.
>
> on each host run
> ovs-vsctl show
> this should show the virtual switch with a geneve tunnel to each other
> host and a port for any active vnics
>
> Regards,
> Paul S.
>
> ------------------------------
> *From:* Tommaso - Shellrent <tomm...@shellrent.com>
> <tomm...@shellrent.com>
> *Sent:* 31 March 2020 09:27
> *To:* users@ovirt.org <users@ovirt.org> <users@ovirt.org>
> *Subject:* [ovirt-users] Local network
>
>
> *Caution External Mail:* Do not click any links or open any attachments
> unless you trust the sender and know that the content is safe.
>
> Hi to all.
>
> I'm trying to connect two vm, on the same "local storage" host, with an
> internal isolated network.
>
> My setup;
>
> VM A:
>
> - eth0 with an external ip
> - eth1, with 1922.168.1.1/24
>
> VM B
>
> - eth0 with an external ip
> - eth1, with 1922.168.1.2/24
>
> the eth1 interfaces are connetter by a network created on external
> provider ovirt-network-ovn , whithout a subnet defined.
>
> Now, the external ip works fine, but the two vm cannot connect through the
> local network
>
> ping: ko
> arping: ko
>
>
> any idea to what to check?
>
>
> Regards
> --
> --
> [image: Shellrent - Il primo hosting italiano Security First]
> *Tommaso De Marchi*
> *COO - Chief Operating Officer*
> Shellrent Srl
> Via dell'Edilizia, 19 - 36100 Vicenza
> Tel. 0444321155 <+390444321155> | Fax 04441492177
> To view the terms under which this email is distributed, please go to:-
> http://leedsbeckett.ac.uk/disclaimer/email/
>
> --
> --
> [image: Shellrent - Il primo hosting italiano Security First]
> *Tommaso De Marchi*
> *COO - Chief Operating Officer*
> Shellrent Srl
> Via dell'Edilizia, 19 - 36100 Vicenza
> Tel. 0444321155 <+390444321155> | Fax 04441492177
> To view the terms under which this email is distributed, please go to:-
> http://leedsbeckett.ac.uk/disclaimer/email/
>
> --
> --
> [image: Shellrent - Il primo hosting italiano Security First]
> *Tommaso De Marchi*
> *COO - Chief Operating Officer*
> Shellrent Srl
> Via dell'Edilizia, 19 - 36100 Vicenza
> Tel. 0444321155 <+390444321155> | Fax 04441492177
> _______________________________________________
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/Y7KU2IVEHXHX3PB24KLSVSJUSOVH5S62/
>
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/NVFJUV5OF5Z74GQXA6SBF7NFD7CJW6TN/
