On Tue, Mar 9, 2021 at 2:54 PM Andrei Verovski <andre...@starlett.lv> wrote:

>
>
>> I’m running oVirt 4.4.4.7-1.el8 and need to connect one of the VMs
>> straight to the ISP link via Ethernet cable.
>> oVirt already have 2 networks (ovirt mgmt local + DMZ).
>> Created new network provider and assigned to it available physical
>> interface of HP ProLiant, connected via cable to ISP switch with public IP.
>>
>
> By provider do you mean ovirt-provider-ovn? If so are you using OVS
> cluster type? The physical interface connection for external networks work
> only
> in an OVS switch type cluster.
>
>
>
> If you mean Native Open vSwitch as described here we don’t use it.
>
> https://www.ovirt.org/develop/release-management/features/network/openvswitch/native-openvswitch.html
>

> Current setup is simple 2-node and unfortunately I'm not aware of all deep
> details of oVirt networking.
> Since oVirt uses KVM as underlying technology I assume it uses bridged
> networking to connect VMs and physical interfaces.
>

Correct, every network in Linux Bridge switch type cluster is created as a
bridge on host when marked as VM network.
Non-VM networks are bridgeless.


> Each our server uses 2 Ethernet connections, 1 for internal LAN
> 192.168.0.xxx and 2nd for DMZ 192.168.1.xxx.
> If so I assumed that it could not be a problem to bridge VM to external IP
> via 3rd Ethernet using oVirt networking.
>

It should not because if the interface is really directly connected to an
external network, the bridge provides the needed L2 connection.



> May be its enough to turn on “isolated port” and VM Interface Profile to
> “clean-traffic”?
>

Actually quite the opposite, if there are any troubles like that I would
suggest to have Port Isolation turned off
and no network filter.


Best regards,
Ales


> Please correct if I'm wrong here
>
>
>
>
>
>> Options of this network: (VM Network = on, Port Isolation = off, NIC Type
>> = VirtIO, the rest are defaults).
>> VM is Debian 10.
>>
>> Link works but with strange artefacts. If VM left being idle for a while,
>> it cant be connected or pinged from outside, until I initiate pings from VM
>> itself.
>> I have only 2 IPs from this ISP so I’m sure there are no IP address
>> conflicts.
>> Another port and public IP go to our VyOS router handling internal and
>> DMZ zone.
>>
>
> When this happens I would suggest to trace where the packets are getting
> dropped.
>
>
>>
>> How to fix this problem ?
>> Thanks in advance.
>> Andrei
>>
>> _______________________________________________
>> Users mailing list -- users@ovirt.org
>> To unsubscribe send an email to users-le...@ovirt.org
>> Privacy Statement: https://www.ovirt.org/privacy-policy.html
>> oVirt Code of Conduct:
>> https://www.ovirt.org/community/about/community-guidelines/
>> List Archives:
>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/5SAC77DSZQ4PXCCNT6N6MEG7MYDOHFQU/
>>
>
>
> Thank you.
> Best regards,
> Ales
>
> --
> Ales Musil
> Software Engineer - RHV Network
>
> Red Hat EMEA <https://www.redhat.com/>
> amu...@redhat.com    IM: amusil
> <https://red.ht/sig>
>
>
>

-- 

Ales Musil

Software Engineer - RHV Network

Red Hat EMEA <https://www.redhat.com>

amu...@redhat.com    IM: amusil
<https://red.ht/sig>
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/5Z7RRM5JTJZHJK34GHGMQRC656AWXXSA/

Reply via email to