On 11/16/2011 08:46 AM, William A. Mahaffey III wrote:
>> The route command on the host will show the newly added
routes for the
>> VM. Also, tail your syslog file & you will see messages about every 15
>> min. from dnsmasq w/ the IP adder. of the VM.
>
& I definitely agree that virsh *should* show that info :-) ....
This has been an oft-requested feature, but no one has yet submitted
patches. The closest we have is that use of nwfilter can snoop a
guest's address, but this isn't yet exposed to the user via an
easy-to-access API. If you set up a DHCP server to assign guest IP
addresses based on guest MAC address, then you know what IP address the
guest should have. But if this is not the case, then the only way
libvirt can learn this is by snooping - libvirt can snoop DHCP traffic
to learn what an external dhcp server is giving to the guest, as well as
snoop guest traffic to see what address the guest appears to be using.
But a malicious guest can spoof this snooping, not to mention that a
guest that uses multiple IP addresses on a single interface may confuse
libvirt, which will probably only snoop the first address used. And a
guest that never initiates traffic is hard to snoop - making it hard to
know what address to use for ssh into the guest. There are also plans
to make use of a guest agent for communicating the guest IP address back
over the agent channel (right now, libvirt's only use of a guest agent
is for triggering guest shutdown), but again this relies on the agent
being present in the guest and cannot be deemed 100% reliable.
Use of libvirt guest console features tends to be more reliable than
trying to ssh into a guest, since that bypasses the need to learn the
guest's IP address.
--
Eric Blake eblake(a)redhat.com +1-919-301-3266
Libvirt virtualization library
http://libvirt.org