On 10/16/2010 03:01 PM, Justin Clift wrote:
Hi all,

Working on the "Foundation Concepts" for virtual switches at the moment.

Does anyone have time/inclination to check over the concept graphics
thus far, for technical accuracy?

Especially the "Routing mode" and "Non-routing" mode ones, as I'm not
sure if that's the right terminology for them:

  http://wiki.libvirt.org/page/VirtualNetworking#Routing_mode
  http://wiki.libvirt.org/page/VirtualNetworking#Non-routing_mode

General feedback, thoughts, and suggestions are welcome too of course. :)

In the case of NAT, I would mention that it sets up masquerading (rather than SNAT / DNAT), which basically only allows the VM to establish connections to the outside but not the other way around.


From the page:

Routed mode

Also commonly referred to as bridging. In this mode, the virtual switch is connected to the physical host LAN, passing guest network traffic back and forth without using NAT. In this mode, computers external to the host server directly address and communicate with guest virtual machines.


Routing and bridging are different, the one working on L3, the other on L2. So I would not say that it is 'commonly referred to as bridging', since this is mixing different concepts.

I suppose you are describing the configuration where eth0 is plugged into the bridge virbr0. If yes, I would title the section as 'bridging' mode. Typically in this case the VMs pick up an address in the physical subnet from an infrastructure DHCP server and they can communicate towards the outside or be contacted from anywhere from the outside (assuming routable addresses). The addresses you are showing in the example picture, 10.10.10.100 and 10.10.10.200, are typically 'private', thus will only be routed in the local network, but that's ok.

However, there is this other mode libvirt supports where the VMs' interfaces are plugged into virbr0, so they do bridging when one VM communicates with another VM. However, the bridge can be given an IP address, and when a VM wants to talk to another host or VM in the network (beyond the VM-hosting host), the packets 'escape' the bridge, are routed on the Linux host towards eth0 and then delivered to the other host in the local subnet. Now that is a mix between routing and bridging.


   Stefan



Regards and best wishes,

Justin Clift

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
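
The distinction drawn in the reply above (masquerading NAT, routing at L3, bridging at L2) decides whether outside hosts can open connections to a guest. The following is an added example, not part of the original thread and not libvirt code: it reads libvirt network XML and reports that exposure. The sample definitions, the `classify` function and the `MODES` table are constructed for illustration, and only these four forward settings are covered.

```python
import ipaddress
import xml.etree.ElementTree as ET

# forward mode -> (how guest traffic leaves the host, can outside hosts initiate to guests?)
MODES = {
    "isolated": ("no forwarding; guests reach only each other and the host", False),
    "nat": ("routed at L3 and masqueraded behind the host address", False),
    "route": ("routed at L3 by the host, guest addresses unchanged", True),
    "bridge": ("bridged at L2 onto the physical LAN", True),
}

# Constructed sample definitions in libvirt's <network> XML format (not from the thread).
SAMPLES = {
    "nat": "<network><name>default</name><bridge name='virbr0'/><forward mode='nat'/>"
           "<ip address='192.168.122.1' netmask='255.255.255.0'/></network>",
    "routed": "<network><name>routed</name><bridge name='virbr1'/>"
              "<forward mode='route' dev='eth0'/>"
              "<ip address='10.10.10.1' netmask='255.255.255.0'/></network>",
    "isolated": "<network><name>private</name><bridge name='virbr2'/>"
                "<ip address='192.168.100.1' netmask='255.255.255.0'/></network>",
    "bridge": "<network><name>lan</name><forward mode='bridge'/>"
              "<bridge name='br0'/></network>",
}

def classify(xml_text):
    """Summarise how one libvirt <network> definition exposes its guests."""
    net = ET.fromstring(xml_text)
    fwd = net.find("forward")
    # No <forward> element means isolated; <forward> without a mode defaults to NAT.
    mode = "isolated" if fwd is None else fwd.get("mode", "nat")
    if mode not in MODES:
        raise ValueError(f"forward mode {mode!r} is not covered by this example")
    path, inbound = MODES[mode]
    ip = net.find("ip")
    mask = None if ip is None else (ip.get("netmask") or ip.get("prefix"))
    subnet = None
    if mask and ip.get("address"):
        subnet = ipaddress.ip_network(f"{ip.get('address')}/{mask}", strict=False)
    return {
        "name": net.findtext("name"),
        "mode": mode,
        "path": path,
        "inbound_from_outside": inbound,
        "subnet": str(subnet) if subnet else None,
        # Private ranges are only routed inside the local network.
        "private_range": subnet.is_private if subnet else None,
    }

if __name__ == "__main__":
    for label, xml_text in SAMPLES.items():
        print(label, classify(xml_text))
```

In the `nat` and `route` cases, guest-to-guest traffic still stays on the virtual bridge at L2; only traffic leaving the host takes the L3 path reported in `path`.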