[one-users] Share IP's

[Stefan Kooman]

Quoting Stefan Kooman (stefan at bit.nl):
> Quoting Gareth Bult (gareth at linux.co.uk):
> > Hi,
> > 
> > I'm looking to share a single IP address between two VM's - can anyone
> > point me in the right direction?  (I'm using the 'clean-traffic'
> > network filter ...)
> > 
> > My first idea was to add a second interface to each VM, with a shared
> > IP, but on reflection because IP's are linked to MAC's, this was never
> > going to work.
> 
> Why not? I've got several VM's with extra (V)IP's. An interface
> mac-address is normally "linked" to the ip it gets assigned, not the
> other way around. 

Not quite true .... those were IPv6 ip's ... for IPv4 it's different.
There's not only an "MAC spoofing" filter but also an "arp" filter.
Extra ipv4 ip's do not work by default.

> > Is there a way of doing this, or is the clean traffic filter
> > incompatible with shared IP's ...
> 
> clean traffic filter does prevent Mac-spoofing, but you're allowed to add
> ip aliases.

You can disable "arp" filtering quite easily:

(/var/lib/)one/remotes/vnm/ovswitch/OpenvSwitch.rb

---- 8< -----
def mac_spoofing
        add_flow("in_port=#{port},arp,dl_src=#{@nic[:mac]}",:drop,45000)
    #   add_flow("in_port=#{port},arp,dl_src=#{@nic[:mac]},nw_src=#{@nic[:ip]}",:normal,46000)
        add_flow("in_port=#{port},arp,dl_src=#{@nic[:mac]}",:normal,46000)
        add_flow("in_port=#{port},dl_src=#{@nic[:mac]}",:normal,40000)
        add_flow("in_port=#{port}",:drop,39000)
end
---- >8 -----

Gr. Stefan

-- 
| BIT BV  http://www.bit.nl/        Kamer van Koophandel 09090351
| GPG: 0xD14839C6                   +31 318 648 688 / info at bit.nl