On 05/25/2016 11:13 AM, Vasiliy Tolstov wrote:
2016-05-25 18:00 GMT+03:00 Laine Stump <laine@laine.org>:
So $VM_GW is on the same subnet as $VM_IP/24 ? Is that also the same subnet as $HOST_IP? Or is that on a completely different network?
(This is all very useful, because it's pointing out that the config of the two ends definitely aren't mirror images, so we really do need independent settings for both).
VM_GW on the same subnet as PEER , but on host side i apply /32 address, but inside vm /24.
peer only used on host machine to determine on which interface kernel needs to send traffic
Well, you *could* do the same thing with a /30 subnet for each tap (so that your routing daemon would get a bunch of /30 routes pointing to your host for all of them), but that would use up a lot more address space.
(I'm not sure what the guest does with 169.254.169.254)
What if you instead set the host to:
$HOST_IP peer $VM_IP/32
and set the guest to:
$VM_IP peer $HOST_IP/32 route add default $HOST_IP
??
I don't use this scheme... If i set $VM_IP peer $HOST_IP/32 on host machine i think kernel recieves packet and drop it =)
No - you would set that on the *guest*, not the host. I setup an LXC container in this manner and everything seemed to work properly.
May be, but in case of qemu i use simple dhcp server and on vm simple dhcp client. It can't assign peer addresses
Ah, right. I haven't looked, but doubt there is a dhcp option to specify a peer address.
may be this is works. I don't try. In my setup guest vm does not know host side of network, so it does not need know about peer... Also i can live migrate guest without changing.... (Changes only host side of network)
Anyway, it's important to know if you set the IP config on host and guest to exact mirrors of each other. It seems like the answer is "no", though, so i'm going to make a patch that allows what I was talking about last week:
<interface type='ethernet'> <source> <ip address='HOST_IP' family='ipv4' peer='VM_IP' prefix='32'/> <ip address='VM_GW' family='ipv4' prefix='32'/> </source> <ip address='VM_IP' family='ipv4' peer='HOST_IP' prefix='24'/> <route family='ipv4' address='0.0.0.0' gateway='HOST_IP'/> ... </interface>
On qemu only the address info inside <source> would be used, since we don't have control over the guest's network config. On LXC, we can set both.
Does that sound usable? Yes, but don't cleanup please <ip address='VM_IP' family='ipv4' peer='HOST_IP' prefix='24'/> in qemu case, because on somedays we can launch dnsmasq or orhet software that can provide dhcp and use this element..
An interesting point - even if libvirt itself doesn't launch the dnsmasq, it could be done by a more intelligent script (one that received the full interface XML on stdin, as I discussed in my last mail), so we should probably just ignore it rather than complaining that it's unsupported...
Thanks for the info! Yes, i handmade my own dhcp server on golang what listens libvirt hooks and serves needed addresses for needed tap devices.
Yeah, I had considered that if we were to support such a thing in libvirt, it would be best to do it by having a single dnsmasq instance for all tap-only guest interfaces.
So i have only one daemon that have stateless config (it get it via libvirt xml). So i don't need database or something else.
How does it gather than config? With a qemu hook script?