Re: [libvirt] RFC: automatic setting of ip_forwarding (or not)

On 10/07/2010 10:48 PM, Zdenek Styblik wrote: > On 10/04/2010 08:13 PM, Laine Stump wrote: <snip> >> Exactly one of my points. libvirt really wants (no, *needs*) this to be >> on for virtual networks, but it's very likely there was a reason for it >> being turned off, so the admin should at the very least be alerted that >> it's being turned on, or the fact that it's off should be logged in some >> way to assure it gets the admin's attention so they can make the proper >> judgement call. >> > > Only thing that popped in my head was: admin should read documentation :( Is this the kind of behavioural thing that we should have a "reasonable default" for, plus allow for it to be configured differently via libvirtd.conf? were_special_really_really_really_please_dont_enable_ipforwarding = 1 :)

> Once again I'm going to "troll" about this and bundled everything inside > one thing. As I've said many times already, I'm pro-external things as > DHCP, firewall ... whatever. On the other hand, I realize the point of > libvirt might be to ship out-of-the-box solution like it is now. > I mean, tell admin what to add if he wants this and that; or make > external hooks, or whatever. That's hard to say, because there is no one > ultimate solution. Using the words "hooks" here makes me wonder if we could do the needed work through having network hook scripts in place (with appropriate bits to call them), and whether it would be a useful way of doing things. (absolutely no idea if it's even feasible. :>)