<div><b style="font-family:'courier new',monospace;font-size:13px;background-color:rgb(255,255,255)">whoops! in this case ib0, but the virt-manager utility will create this for your interface, just remember not to use dhcp.</b></div>
<b style="font-family:'courier new',monospace;font-size:13px;background-color:rgb(255,255,255)"><div><b style="font-family:'courier new',monospace;font-size:13px;background-color:rgb(255,255,255)"><br></b></div>
iptables -t nat -A POSTROUTING -s <a href="http://172.16.100.128/25" target="_blank" style="color:rgb(17,85,204)">172.16.100.128/25</a> -o ib0 -j SNAT --to-source 192.168.10.10</b> <br><br><div class="gmail_quote">On Wed, Jul 25, 2012 at 1:19 PM, Shankhadeep Shome <span dir="ltr"><<a href="mailto:shank15217@gmail.com" target="_blank">shank15217@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Yes, you need to create a regular bridge device and attach it to a tap device, you can use virt-manager to create this for you, the tap device will be disabled. You will also need an iptables rule to nat packets to/from the bridge, again the virt-manager can do this for you.<div>
<br></div><div>[vnics] -- [bridge] -- [disabled tap]</div><div><br></div><div>Here is a bridge definition for infiniband devices that cannot use mac bridges, created by virt-manager</div><div><br></div><div>Its creating a <a href="http://172.16.100.128/25" target="_blank">172.16.100.128/25</a> network, note. do not configure a dhcp server if you want opennebula to track your IPs, all you need to do is give open nebula the iprange 172.16.100.130-254 to manage and configure your contextualization appropriately.</div>
<div><br></div><div><div><font face="courier new, monospace"><network></font></div><div><font face="courier new, monospace"> <name>ibnat0</name></font></div><div><font face="courier new, monospace"> <uuid>4d7e9211-3a32-8b77-90a6-3b45c8d98ddb</uuid></font></div>
<div><font face="courier new, monospace"> <bridge name='virbr1' stp='on' delay='0' /></font></div><div><font face="courier new, monospace"> <mac address='52:54:00:8B:34:92'/></font></div>
<div><font face="courier new, monospace"> <ip address='172.16.100.129' netmask='255.255.255.128'></font></div><div><font face="courier new, monospace"> </ip></font></div><div><font face="courier new, monospace"></network></font></div>
</div><div><br></div><div><font face="courier new, monospace">ifconfig -a output, this is what it looks like</font></div><div><font face="courier new, monospace"><br></font></div><div><div><font face="courier new, monospace">ib0 Link encap:UNSPEC HWaddr 80-00-00-48-FE-80-00-00-00-00-00-00-00-00-00-00</font></div>
<div><font face="courier new, monospace"> inet addr:192.168.10.10 Bcast:192.168.10.255 Mask:255.255.255.0</font></div><div><font face="courier new, monospace"> inet6 addr: fe80::208:f104:39a:63b1/64 Scope:Link</font></div>
<div><font face="courier new, monospace"> UP BROADCAST RUNNING MULTICAST MTU:65520 Metric:1</font></div><div><font face="courier new, monospace"> RX packets:0 errors:0 dropped:0 overruns:0 frame:0</font></div>
<div><font face="courier new, monospace"> TX packets:0 errors:0 dropped:5 overruns:0 carrier:0</font></div><div><font face="courier new, monospace"> collisions:0 txqueuelen:256</font></div><div><font face="courier new, monospace"> RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)</font></div>
</div><div><font face="courier new, monospace"><br></font></div><div><div><font face="courier new, monospace">virbr1 Link encap:Ethernet HWaddr 52:54:00:8b:34:92</font></div><div><font face="courier new, monospace"> inet addr:172.16.100.129 Bcast:172.16.100.255 Mask:255.255.255.128</font></div>
<div><font face="courier new, monospace"> UP BROADCAST MULTICAST MTU:1500 Metric:1</font></div><div><font face="courier new, monospace"> RX packets:0 errors:0 dropped:0 overruns:0 frame:0</font></div>
<div>
<font face="courier new, monospace"> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0</font></div><div><font face="courier new, monospace"> collisions:0 txqueuelen:0</font></div><div><font face="courier new, monospace"> RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)</font></div>
<div><font face="courier new, monospace"><br></font></div><div><font face="courier new, monospace">virbr1-nic Link encap:Ethernet HWaddr 52:54:00:8b:34:92</font></div><div><font face="courier new, monospace"> BROADCAST MULTICAST MTU:1500 Metric:1</font></div>
<div><font face="courier new, monospace"> RX packets:0 errors:0 dropped:0 overruns:0 frame:0</font></div><div><font face="courier new, monospace"> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0</font></div>
<div><font face="courier new, monospace"> collisions:0 txqueuelen:500</font></div><div><font face="courier new, monospace"> RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)</font></div></div><div><br></div><div>The nat rule will be something like this..</div>
<div><br></div><div><font face="courier new, monospace"><b>iptables -t nat -A POSTROUTING -s <a href="http://172.16.100.128/25" target="_blank">172.16.100.128/25</a> -o eth0 -j SNAT --to-source 192.168.10.10</b></font></div>
<div><font face="courier new, monospace"><br>
</font></div><div><font face="courier new, monospace">iptables -v -L -t nat (</font><span style="font-family:'courier new',monospace">And here is the output of that rule)</span></div><div><div><font face="courier new, monospace">Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)</font></div>
<div><font face="courier new, monospace"> pkts bytes target prot opt in out source destination</font></div><div><font face="courier new, monospace"><br></font></div><div><font face="courier new, monospace">Chain INPUT (policy ACCEPT 0 packets, 0 bytes)</font></div>
<div><font face="courier new, monospace"> pkts bytes target prot opt in out source destination</font></div><div><font face="courier new, monospace"><br></font></div><div><font face="courier new, monospace">Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)</font></div>
<div><font face="courier new, monospace"> pkts bytes target prot opt in out source destination</font></div><div><font face="courier new, monospace"><br></font></div><div><font face="courier new, monospace">Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)</font></div>
<div><font face="courier new, monospace"> pkts bytes target prot opt in out source destination</font></div><div><font face="courier new, monospace"> 0 0 SNAT all -- any eth0 <a href="http://172.16.100.128/25" target="_blank">172.16.100.128/25</a> anywhere to:192.168.10.10</font></div>
</div><div><br></div><div><br><div class="gmail_quote"><div><div class="h5">On Wed, Jul 25, 2012 at 6:24 AM, Javier Alvarez <span dir="ltr"><<a href="mailto:javier.alvarez@bsc.es" target="_blank">javier.alvarez@bsc.es</a>></span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5">
<div bgcolor="#FFFFFF" text="#000000">
Hello,<br>
<br>
I would like to know if OpenNebula supports the use of NAT
forwarding as explained in the networking page of the libvirt's
wiki: <br>
<br>
<a href="http://wiki.libvirt.org/page/Networking#NAT_forwarding_.28aka_.22virtual_networks.22.29" target="_blank">http://wiki.libvirt.org/page/Networking#NAT_forwarding_.28aka_.22virtual_networks.22.29</a><br>
<br>
Thanks,<br>
<br>
Javi<span><font color="#888888"><br>
<br>
<pre cols="72">--
Javier Álvarez Cid-Fuentes
Grid Computing and Clusters Group
Barcelona Supercomputing Center (BSC-CNS)
Tel. <a href="tel:%28%2B34%29%2093%20413%2072%2046" value="+34934137246" target="_blank">(+34) 93 413 72 46</a></pre>
<br>
<br>
WARNING / LEGAL TEXT: This message is intended only for the use of the
individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.
<br><br>
<a href="http://www.bsc.es/disclaimer.htm" target="_blank">http://www.bsc.es/disclaimer</a>
<br>
</font></span></div>
<br></div></div>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opennebula.org" target="_blank">Users@lists.opennebula.org</a><br>
<a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org" target="_blank">http://lists.opennebula.org/listinfo.cgi/users-opennebula.org</a><br>
<br></blockquote></div><br></div>
</blockquote></div><br>