[ovs-discuss] About isolating vm trafic using subject on web ovs
Scott Lowe
scott.lowe at scottlowe.org
Fri Mar 25 20:09:55 UTC 2016
Please see my response below.
> On Mar 24, 2016, at 2:40 PM, Tomasz Łukojko <tomekk312 at gmail.com> wrote:
>
> Hey,
>
> I tryed to make configuraton like on your web page:
> http://openvswitch.org/support/config-cookbooks/vlan-configuration-cookbook/
>
> My version uses one ovs machine and 4 vms, 2 of them tag=100 and next 2 tag=200. So i type a few commands:
> • ovs-vsctl add-br test
> • ifconfig test up
> • ovs-vsctl add-port test eth0
> • ifconfig eth0 0
> • dhclient test
> • ip tuntap add mode tap vport1 (same to vport2,3,4)
> • ipconfig vport1 up (same to vport2,3,4)
> • ovs-vsctl add-port test vport1 (same to vport2,3,4)
> then run 4 vm on virtual box with network setting bridged adapter to vport1,2,3,4 to vm1,2,3,4.. All work fine now, pings too but when i add vlans by tags all stop working and i dont get any ip adresses on vms.
>
> • ovs-vsctl add-port test vport1 tag=100 (same to vport2)
> • ovs-vsctl add-port test vport3 tag=200 (same to vport4)
> what i make wrong?
I'm assuming (you didn't specify) that your DHCP server lies on the network to which eth0 is attached. When you assign VLAN tags to the VM's ports, that takes them off the broadcast domain used by eth0 and the physical network, which means the DHCP server is no longer reachable via broadcast. (In turn, that means the VMs are unable to acquire an IP address via DHCP.)
The "fix" for this requires turning eth0 into a trunk port (carrying multiple VLAN tags to and from OVS), and placing a DHCP server on each VLAN. Alternately, you can statically assign IP addresses to the VMs for your connectivity testing.
I hope this helps.
--
Scott
More information about the discuss
mailing list