Configuração de rede KVM + trunck de VLAN

Navegue suas respostas
1

Estou tentando configurar uma solução baseada em KVM, estou tendo problemas para configurar as NICs para as VMs a partir de uma ponte baseada em uma interface de VLAN.

Minha configuração abaixo:

ETH0: gerenciamento do host KVM: 192.168.126.27 Netmask / 25 - 255.255.255.128 Gateway - 192.168.126.126

ETH1: Gerenciamento de convidados do KVM: VLAN Trunck - trunck ID 305

Guest IP: 172.21.107.126 Máscara de rede / 28 - 255.255.255.240 Gateway - 172.21.107.113

ETH2: conectado a um roteador para ser usado como um GW na Internet pela VM Guest ETH3: conectado a um roteador para ser usado como uma internet GW por HOST

PROBLEMA:

A conexão ssh ao ETH0 funciona bem, mas a conexão com a VM Guest não passa! Eu não tenho certeza se estou faltando alguma configuração de rota, ou regras Iptables ??

PS: da VM: eu sou capaz de executar ping no GW 172.21.107.113 definido

Por favor, informe se estou faltando alguma configuração.

Abaixo da minha configuração:

No host: 

# cat ifcfg-eth0
DEVICE=eth0
HWADDR=2C:59:E5:42:CB:EC
TYPE=Ethernet
#UUID=eefb4ac8-42ba-4fc3-9918-08aae7edef3b
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.126.27
NETMASK=255.255.255.128
GATEWAY=192.168.126.126

# cat ifcfg-eth1
DEVICE=eth1
HWADDR=2C:59:E5:42:CB:ED
UUID=68f6c45e-48ba-4b33-8da7-d4d7979eb72d
ONBOOT=yes
BOOTPROTO=none
NM_CONTROLED=no
PROTO=none
DEFROUTE=no

# cat ifcfg-eth1.305 
DEVICE=eth1.305
VLAN=yes
ONBOOT=yes
BRIDGE=bridge305
BOOTPROTO=none

# cat ifcfg-bridge305 
DEVICE=bridge305
ONBOOT=yes
TYPE=Bridge
STP=on
DELAY=0

# cat ifcfg-eth2 
DEVICE=eth2
HWADDR=2C:59:E5:42:CB:EE
TYPE=Ethernet
#UID=81aeae5f-e832-4f46-973d-00bc43413d4b
ONBOOT=none
NM_CONTROLLED=yes
BOOTPROTO=none
BRIDGE=bridgeinternet
DEFROUTE=no

# cat ifcfg-bridgeinternet 
DEVICE=bridgeinternet
ONBOOT=yes
TYPE=Bridge
STP=on
DELAY=0

# cat ifcfg-eth3 
DEVICE=eth3
HWADDR=2C:59:E5:42:CB:EF
TYPE=Ethernet
#UID=81aeae5f-e832-4f46-973d-00bc43413d4b
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
DEFROUTE=no



# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.126.0   0.0.0.0         255.255.255.128 U     0      0        0 eth0
192.168.192.0   0.0.0.0         255.255.255.0   U     0      0        0 eth3
169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1003   0        0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U     1005   0        0 eth3
169.254.0.0     0.0.0.0         255.255.0.0     U     1007   0        0 bridge305
169.254.0.0     0.0.0.0         255.255.0.0     U     1024   0        0 bridgeinternet
0.0.0.0         192.168.126.126 0.0.0.0         UG    0      0        0 eth0

# brctl show
bridge name bridge id       STP enabled interfaces
bridge305       8000.2c59e542cbed   yes     eth1.305
                            vnet0
                            vnet1
                            vnet2
bridgeinternet      8000.fe54003e8341   yes     vnet3

# ifconfig -a
bridgeinternet Link encap:Ethernet  HWaddr FE:54:00:3E:83:41  
          inet6 addr: fe80::fc54:ff:fe3e:8341/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:816 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:156349 (152.6 KiB)  TX bytes:936 (936.0 b)

bridge305 Link encap:Ethernet  HWaddr 2C:59:E5:42:CB:ED  
          inet6 addr: fe80::2e59:e5ff:fe42:cbed/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:720 errors:0 dropped:0 overruns:0 frame:0
          TX packets:26 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:80656 (78.7 KiB)  TX bytes:2052 (2.0 KiB)

eth0      Link encap:Ethernet  HWaddr 2C:59:E5:42:CB:EC  
          inet addr:192.168.126.27  Bcast:192.168.126.127  Mask:255.255.255.128
          inet6 addr: fe80::2e59:e5ff:fe42:cbec/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1342 errors:0 dropped:0 overruns:0 frame:0
          TX packets:286 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:109783 (107.2 KiB)  TX bytes:38489 (37.5 KiB)
          Memory:f7e00000-f7f00000 

eth1      Link encap:Ethernet  HWaddr 2C:59:E5:42:CB:ED  
          inet6 addr: fe80::2e59:e5ff:fe42:cbed/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7801 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5891 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:612528 (598.1 KiB)  TX bytes:465290 (454.3 KiB)
          Memory:f7c00000-f7d00000 

eth1.305  Link encap:Ethernet  HWaddr 2C:59:E5:42:CB:ED  
          inet6 addr: fe80::2e59:e5ff:fe42:cbed/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:427 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3305 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:17990 (17.5 KiB)  TX bytes:264083 (257.8 KiB)

eth2      Link encap:Ethernet  HWaddr 2C:59:E5:42:CB:EE  
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Memory:f7a00000-f7b00000 

eth3      Link encap:Ethernet  HWaddr 2C:59:E5:42:CB:EF  
          inet addr:192.168.192.10  Bcast:192.168.192.255  Mask:255.255.255.0
          inet6 addr: fe80::2e59:e5ff:fe42:cbef/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:43 errors:0 dropped:0 overruns:0 frame:0
          TX packets:67 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:10022 (9.7 KiB)  TX bytes:7312 (7.1 KiB)
          Memory:f7800000-f7900000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:11047 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11047 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:27270093 (26.0 MiB)  TX bytes:27270093 (26.0 MiB)

vnet0     Link encap:Ethernet  HWaddr FE:54:00:F9:95:2B  
          inet6 addr: fe80::fc54:ff:fef9:952b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:236 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2049 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:19256 (18.8 KiB)  TX bytes:165948 (162.0 KiB)

vnet1     Link encap:Ethernet  HWaddr FE:54:00:2A:10:75  
          inet6 addr: fe80::fc54:ff:fe2a:1075/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:120 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1541 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:9600 (9.3 KiB)  TX bytes:133222 (130.0 KiB)

vnet2     Link encap:Ethernet  HWaddr FE:54:00:51:08:24  
          inet6 addr: fe80::fc54:ff:fe51:824/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4915 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1478 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:462832 (451.9 KiB)  TX bytes:80478 (78.5 KiB)

vnet3     Link encap:Ethernet  HWaddr FE:54:00:3E:83:41  
          inet6 addr: fe80::fc54:ff:fe3e:8341/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1363 errors:0 dropped:0 overruns:0 frame:0
          TX packets:782 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:258901 (252.8 KiB)  TX bytes:41320 (40.3 KiB)

# cat /proc/net/vlan/config 
VLAN Dev name    | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
eth1.305       | 305  | eth1

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            PHYSDEV match --physdev-is-bridged 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Na VM do CONVIDADO: 

# cat ifcfg-eth0
DEVICE=eth0
#HWADDR=
TYPE=Ethernet
#UUID=eefb4ac8-42ba-4fc3-9918-08aae7edef3b
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=172.21.107.126
NETMASK=255.255.255.240
GATEWAY=172.21.107.113
    
por L1opardo 15.01.2014 / 00:32

2 respostas

0

Problema corrigido, config está certo. Eu tive um problema de firewall no meio e essa foi a causa raiz.

    
por 24.01.2014 / 17:49
1

pode parecer bobo, mas verifique se você tem uma rota para 172.21.107.112/28 em seu cliente ssh?

    
por 15.01.2014 / 01:02

Tags

Vários certificados SSL em um único host, porta e domínio Como remover repositórios do banco de dados de confirmação ViewVC?