| | 100 | |
| | 101 | ---- |
| | 102 | === Adjustments for multiple !Bridges/Nics === |
| | 103 | |
| | 104 | Our current setup on external3 requires a separate bridge(vswitch) for each interfaces, because some VM's need to be in 10.50(DMZ) and other need 172.16(network), while others still need both. ovs-vsctl will happily build multiple bridges however, a few tweaks needed to be make to the host inorder of the system to work properly. For some reason, the original /etc/network/interfaces config breaks if you use more than one bridge, even if you only dhcp over just 1. After some expirmentation this is the working network interfaces files: |
| | 105 | {{{ |
| | 106 | # This file describes the network interfaces available on your system |
| | 107 | # and how to activate them. For more information, see interfaces(5). |
| | 108 | |
| | 109 | # The loopback network interface |
| | 110 | auto lo eth1 br1 |
| | 111 | iface lo inet loopback |
| | 112 | iface eth1 inet manual |
| | 113 | up ifconfig eth1 up |
| | 114 | down ifconfig eth1 down |
| | 115 | iface br1 inet dhcp |
| | 116 | up ifconfig eth0 up |
| | 117 | up ifconfig br0 up |
| | 118 | down ifconfig eth0 down |
| | 119 | down ifconfig br0 down |
| | 120 | }}} |
| | 121 | There are other working examples, but this one seems functional enough. It brings all the interfaces up and then attempts dhcp out of br1. The running ovs-vsctl should look like: |
| | 122 | {{{ |
| | 123 | d03e1847-34f4-4129-8821-63fff3403553 |
| | 124 | Bridge "br1" |
| | 125 | Port "eth1" |
| | 126 | Interface "eth1" |
| | 127 | Port "tap3" |
| | 128 | Interface "tap3" |
| | 129 | Port "tap1" |
| | 130 | Interface "tap1" |
| | 131 | Port "br1" |
| | 132 | Interface "br1" |
| | 133 | type: internal |
| | 134 | Bridge "br0" |
| | 135 | Port "eth0" |
| | 136 | Interface "eth0" |
| | 137 | Port "tap2" |
| | 138 | Interface "tap2" |
| | 139 | Port "br0" |
| | 140 | Interface "br0" |
| | 141 | type: internal |
| | 142 | Port "tap0" |
| | 143 | Interface "tap0" |
| | 144 | ovs_version: "1.2.2.10448" |
| | 145 | }}} |
| | 146 | Note that the taps are distributed according to which vlan/subnet they are supposed to belong to. I also switch from e1000 emulation to virtio, because its supposed to preform better. The big discovery with this setup was in how to invoke the kvm. Originally I replicated the -net... flag and started the vm. This works but it bonds the two interfaces together. Packets from one virtual interface show up on both bridges and go out of both cards. The reason this happens is a missing vlan keyword in the -net flag. This vlan keyword has nothing to do with vlan tagging for packets egress from the virtual interfaces. It's purely about the internal representation of the interfaces and the internal switching that qemu/kvm does. Specifying different vlan flags for the different interfaces and their respective taps, fixed the bonding problem. Packets were not only present on the proper bridge. I also had to modify all the scripting infrastructure to reflect this change. Instead of a single ovs-ifup/down script, there are now two(ovs-ifup-br0 and ovs-ifup-br1), one for each bridge. There are also now two scripts for starting vms depending on whether you want 1 or two interfaces. |
| | 147 | {{{ |
| | 148 | Single interface command string |
| | 149 | kvm -daemonize -vnc :$2 -m 2048 -smp 2 -net nic,model=virtio,macaddr=00:11:22:EE:EE:E$2 -net tap,script=/etc/ovs-ifup-br$3,downscript=/etc/ovs-ifdown-br$3 -drive file=$1 |
| | 150 | }}} |
| | 151 | note the 3rd argument specifies the brdige to join |
| | 152 | {{{ |
| | 153 | 2 interface command string |
| | 154 | kvm -daemonize -vnc :$2 -m 2048 -smp 2 -net nic,model=virtio,vlan=0,macaddr=00:11:22:EE:EE:E$2 -net tap,vlan=0,script=/etc/ovs-ifup-br0,downscript=/etc/ovs-ifdown-br0 -net nic,model=virtio,vlan=1,macaddr=00:11:22:FF:FF:F$2 -net tap,vlan=1,script=/etc/ovs-ifup-br1,downscript=/etc/ovs-ifdown-br1 -drive file=$1 |
| | 155 | }}} |
| | 156 | Note the added vlan tags. The ovs-ifup-brX scripts are the same as the original, except for the swith=... keyword. |
