[one-users] Host's openvswitch promiscuous mode for VMs
Jaime Melis
jmelis at opennebula.org
Tue Sep 17 02:19:49 PDT 2013
Hi Dmitri,
networking drivers are very extensible. I suggest you take a look at this
file:
https://github.com/OpenNebula/one/blob/master/src/vnm_mad/remotes/ovswitch/OpenvSwitch.rb
If you customize it and spread it to the hosts ( onehost sync ) you will be
able to filter for whatever criteria you want. Note that you can access the
instance variable @vm, which holds the vm template.
For instance, if you add "DELETE_FLOWS=YES" to the VM template, you will be
able to do:
if @vm['TEMPLATE/DELETE_FLOWS'] == "YES"
... # remove/don't create flows...
end
cheers,
Jaime
On Fri, Aug 30, 2013 at 9:43 PM, Dmitri Chebotarov <dchebota at gmu.edu> wrote:
> Hi
>
> I traced it back to MAC-spoofing rule (not promisc mode).
> By default the rule applies to all VM, I.e. :
>
> in_port=<PORT>,dl_src=<MAC>,priority=40000,actions=normal
> in_port=<PORT>,priority=39000,actions=normal
>
> This prevented bridging to work properly inside a VM.
> It worked OK once I deleted flows, I.e.:
>
> /usr/bin/ovs-ofctl del-flows --strict br0
> in_port=128,dl_src=02:00:c0:a8:0d:01,priority=40000
> /usr/bin/ovs-ofctl del-flows --strict br0 in_port=128,priority=39000
>
> Now I'll be looking for a way to delete flows for certain VM based on
> some attributes in template or image, perhaps Hooks?
> --
> Thank you,
>
> Dmitri Chebotarov
> VCL Sys Eng, Engineering & Architectural
> Support, TSD - Ent Servers & Messaging
> 223 Aquia Building, Ffx, MSN: 1B5
> Phone: (703) 993-6175 | Fax: (703) 993-3404
>
>
> From: Dimach Chebotarov <dchebota at gmu.edu>
> Date: Thursday, August 29, 2013 21:04
> To: "users at lists.opennebula.org" <users at lists.opennebula.org>
>
> Subject: [one-users] Host's openvswitch promiscuous mode for VMs
>
> Hi
>
>
>
> I'm not sure if this applies to opennebula, or should I direct it to an
> OVS forum/group:
>
>
>
> I'm trying to build a Linux bridge to extend my network into another
> cloud. The bridge is running inside Linux VM, which is hosted on opennebula
> host /w openvswitch. The bridge configuration requires interface to be in
> promiscuous mode (inside VM) to work properly, but I cannot find a way to
> permit promiscuous mode for the VM's interface (vnetX) on the host. This is
> similar to what VMware vSwtich has to permit promiscuous mode inside VM.
>
>
>
> I've duplicated the same configuration on my local WKS using VirtualBox
> and it works OK as soon as permit promiscuous mode for network interface.
>
>
>
> I apologize for spam if it doesn't apply to this group...
>
>
>
> Thanks.
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
--
Join us at OpenNebulaConf2013 <http://opennebulaconf.com/> in Berlin, 24-26
September, 2013
--
Jaime Melis
Project Engineer
OpenNebula - The Open Source Toolkit for Cloud Computing
www.OpenNebula.org | jmelis at opennebula.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130917/11073c2f/attachment.htm>
More information about the Users
mailing list