[one-users] Network problem with ebtables
Jaime Melis
jmelis at opennebula.org
Tue Jan 24 05:44:23 PST 2012
Hello Manuel,
Actually that's the intented behaviour of this network driver. If you apply
this filter to a NIC, it will only be reachable from other VMs, meaning
that you won't be able to access it from your physical host, even if
they're on the same network.
I suggest that you use VLANs with the 802.1Q driver if you want to be able
to reach your VMs from your hosts while keeping them isolated. If you can't
use that driver beacuse of your netwrok infrastructure, you could always
create two NICs in a VM, and apply the ebtables filter to only one of them,
and use that VM as a gateway to reach your other VMs.
Cheers,
Jaime
2012/1/15 Manuel Padrón <mpadron at citec-sl.com>
> Hi:
>
> I'm trying to make work the network of the vms with ebtables. I've got
> in the physical machine an eth0 and a br0 working with 192.168.0.1 ip.
> I create an vnet with one fix address 192.168.0.2.
>
> Everything seems to work. onevnet show said that 192.168.0.2 is USED
> by the VID of the vm. ebtables --list shows something like the guide
> (http://opennebula.org/documentation:rel3.0:ebtables ) said:
>
> btables --list
> Bridge table: filter
>
> Bridge chain: INPUT, entries: 0, policy: ACCEPT
>
> Bridge chain: FORWARD, entries: 2, policy: ACCEPT
> -s ! 2:0:ac:15:20:0/ff:ff:ff:ff:ff:0 -o vnet0 -j DROP
> -s ! 2:0:ac:15:20:29 -i vnet0 -j DROP
>
> Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
>
>
> I even can do a ping between 192.168.0.1 and 192.168.0.2. But if I try
> to reach the gw of the net (192.168.0.4) from the physical machine I
> can but from the vm I didn't get any response.
>
> Anyone could help me?
>
> Regards from Canary Islands
>
> --
>
> Manuel Padrón Martínez
> Administrador de Redes y Sistemas
>
> .................................................................................................................
> CITEC
> Centro Canario de Tratamiento de la Información, S.L.
> C/ Viera y Clavijo 34, 5ª Planta- 35002- Las Palmas de Gran Canaria -
> España
> Telf.: +34 928 939 411 Fax: +34 928 939 343 email: mpadron at citec-sl.com
>
> .................................................................................................................
> Este mensaje y cualquier archivo adjunto al mismo son confidenciales y
> atañe exclusivamente a las personas a las que va dirigido. Si usted
> no es el destinatario de este mensaje, considérese advertido de que lo
> ha recibido por error y que cualquier uso, difusión o copia están
> absolutamente prohibidos, recomendándole la comunicación de este hecho
> a la siguiente dirección de e-mail del remitente. Asimismo, se le
> advierte que toda la información personal contenida en este mensaje se
> encuentra protegida por la Ley 15/1999, de 13 de Diciembre de
> protección de datos de carácter personal, quedando totalmente
> prohibido su uso y/o tratamiento, así como la cesión de aquella a
> terceros al margen de lo dispuesto en la citada ley protectora de
> datos personales y de su normativa de desarrollo.
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
--
Jaime Melis
Project Engineer
OpenNebula - The Open Source Toolkit for Cloud Computing
www.OpenNebula.org | jmelis at opennebula.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20120124/d5e4f1bc/attachment-0003.htm>
More information about the Users
mailing list