On 04/17/2014 10:42 AM, Jianwei Hu wrote:
Hi guys,
I saw this sub-element in
http://libvirt.org/firewall.html, there is some confusion,
what's the meaning of sub-element <ip address='X.X.X.X'> in
<interface type='bridge'> of domain xml?
The detail <interface> in domain xml as below:
<interface type='bridge'>
<mac address='52:54:00:56:44:32'/>
<source bridge='br1'/>
<ip address='10.X.X.X'/> <===it's my question
As far as I can find, the <ip> subelement of a domain's <interface> is:
1) only recognized for <interface type='bridge'> and <interface
type='ethernet'>
2) only used by the xen driver, and ignored by all others.
I believe it is the IP address that xen will tell the domain to use for
its interface.
The correct way to specify a guest IP address for a nwfilter is
described here:
http://libvirt.org/formatnwfilter.html#nwfconceptsvars
The page you're citing is something lifted from an email written by
Daniel Berrange, and it was likely written during early design of
nwfilter and then wasn't updated to reflect what was finally implemented.
Stefan - can you confirm or deny my suspicion?
Beyond that, I think that page needs to be somehow updated from /
combined with the formatnwfilter page to eliminate both duplicated and
incorrect information.
<target dev='vnet0'/>
<model type='virtio'/>
<filterref filter='clean-traffic'/>
</interface>
Is it static IP(specified by customer) in guest OS? or a IP of interface(e.g. eno1) in
"br1" on host machine? what's definition about it?
[root@localhost src]# brctl show
bridge name bridge id STP enabled interfaces
br1 8000.24be051881ce no eno1
If you know how to use it, please show me a detail scenario.
Don't use it.