[ovs-discuss] why vm can't ping host eth1

[Robin Wang]

2012/5/20 Salman Malik <salmanmk at live.com>

>  Thanks Reid, please find the inline comments.
>
>
> ------------------------------
> From: reid at nicira.com
> Date: Sun, 20 May 2012 01:56:05 -0700
>
> Subject: Re: [ovs-discuss] why vm can't ping host eth1
> To: salmanmk at live.com
> CC: cloudbengo at gmail.com; discuss at openvswitch.org
>
> On Sat, May 19, 2012 at 3:42 PM, Salman Malik <salmanmk at live.com> wrote:
>
>  Thanks a lot Reid. That was one awesome explanation. Few more questions:
>
> 1) In the first figure VMs can not communicate with the outside world
> (except using NAT) ?
>
>
> Yup.  I'm not sure what NAT would mean in this context, all tap1/2 traffic
> will be going directly into br0, and br0 (as shown) has no way to get to
> the outside world.
>
> I was thinking if traffic from any VM could go through bridge interface
> and then traverse through the IP stack to go out to any ethX?
>

 I think what Salman wants, is having VM packets go out this physical box
through eth0/eth1, without adding eth0/eth1 to ovs bridge. That should be
 achieved through NAT with the help of iptables. I think the default
network "virbr0" of libvirt is a good example.

For virbr0, there's no pNic(eth0/eth1) connected to the bridge. But VMs you
created by virt-install do have network access out of this physical box.
Libvirt achieves that by adding NAT on iptables, providing DHCP service
automatically to VMs(192.168.122.0/24 by default, make virbr0 work as a
gateway), and it has dnsmasq configured for DNS service. I didn't go
through libvirt network and virbr0 deeply, may the above info be helpful to
you, Salman. And feel free to correct me if I got something wrong.

Thanks very much.

Best,
Robin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20120602/48514b4f/attachment-0001.html>