KVM Server needs to be TAGGED.

Hello, my host server has SLES11 SP2 installed. I installed KVM. I then installed openSUSE 11.2 with KVM. Everything worked fine here on my test network. When the server was put onto the house network, the guest server could no longer be reached over the network. My network section told me the switch was tagged for 2 different networks. 1. 192.168.1.xx and 2. 192.168.23.xx (tagged IDxx).
My host server needs to be on the 1. network and it works fine. The guest server needs to be on the 2. network and to be tagged. I have tried many different ways, but could not get it to work.
I configured a VLAN on the host server and could get traffic through from host to 2. network, but not guest to 2. network. Everything else, I got nothing from anywhere to 2. network.
I don’t have much experience in networking. So I need more help on setting this up. The main problem is I cannot find any direct documentation for this. Or I am just missing something.
I have already checked, my network card and driver support VLAN and tagging, so that should not be the problem.
Any help or ideas?

Midata wrote:

> My network section told me the switch was tagged for 2 different
> networks. 1. 192.168.1.xx and 2. 192.168.23.xx (tagged IDxx).
> My host server needs to be on the 1. network and it works fine. The
> guest server needs to be on the 2. network and to be tagged.

> I don’t have much experience in networking. So I need more help on
> setting this up. The main problem is I cannot find any direct
> documentation for this. Or I am just missing something.

If your network experience is limited, there are many sources on the
Internet that can explain the basics. Here is an example of one site
that I found:
http://www.sangoma.com/tutorials/tcp_ip/basic-ip-routing/

The short and possibly incomplete answer to your question is that you
need a router to connect your two networks (subnets) and you have to
provide routing information.

When a network consists of multiple subnets, all of which may be
connected through the same switch, VLANs can be used to ensure traffic
from one subnet does not reach a device on another subnet. If that is
how your switch is configured then it too may be preventing
communication between the two subnets.


Kevin Boyle - Knowledge Partner

My problem is not with the switch, but how to set up my server. The switch is set so that the 23er net has to be tagged. The way I understand it, the server sends a “00:IP Address” instead of “23:IP-Address”. 23 is the tag ID that I need. I have tried setting a VLAN on my host server and then I cannot connect my guest server to the VLAN. I get a “No support for macvtap device” error. Am I doing something wrong on the host side or guest side?

Midata wrote:

> My problem is not with the switch, but how to set up my server.

When diagnosing issues, we can only work with the information you
provide. A router is needed to forward packets between different
subnets. You began to experience issues when your network changed. The
first thing to check is the network configuration but you didn’t
provide any information about that so you need to verify your network
setup.

  • IP addresses / netmasks
  • Router (you do have one?) :wink:
  • Routing information / static routes?

If all of that is correct a misconfigured switch could still be the
issue.

> The switch is set so that the 23er net has to be tagged. The way I
> understand it, the server sends a “00:IP Address” instead of
> “23:IP-Address”. 23 is the tag ID that I need. I have tried setting a
> VLAN on my host server and then I cannot connect my guest server to
> the VLAN.

I need more information about your configuration to really understand
what you are attempting to do, but first, I have another idea. You have
provided another clue:

> I get a “No support for macvtap device” error.

Look at this and see if it helps. If it doesn’t then we need more
information.
http://wiki.libvirt.org/page/Guest_can_reach_outside_network,_but_can't_reach_host_(macvtap)

> Am I doing something wrong on the host side or guest side?

You said:

> My host server needs to be on the 1. network and it works fine. The
> guest server needs to be on the 2. network and to be tagged.

But you also said:

> I configured a VLAN on the host server and could get traffic through
> from host to 2. network, but not guest to 2. network.

Can you help me understand: The guest is on network 2 but can’t send
traffic on network 2?


Kevin Boyle - Knowledge Partner

Hi Midata,

you seem to be talking about VLANs here, so just to avoid confusion, ‘the Server sends a “00:IP Address” instead of “23:IP-Address”.’ is not actually corresponding to what’s going on at the network level. Let’s just call it “traffic for network2 needs to be sent as a tagged VLAN packet and the tag is 23”.

So what seems to be required, as far as I can tell:

  • the Ethernet connection from your (physical) server to the switch has both untagged and tagged (AKA “VLAN”) traffic
  • the non-tagged traffic is for the IP subnet 192.168.1.0/24
  • the VLAN traffic (VLAN 23) is for IP subnet 192.168.23.0/24
  • your physical server needs an IP interface on 192.168.1.0/24
  • your VM needs an IP interface on 192.168.23.0/24
  • you set up VLAN 23 on the physical server
  • your physical server’s IP connection works

I’m not into KVM - with Xen or VMware, you’d set up the VLAN on the host machine (seems you already did that) and bridge the VM’s virtual interface to that VLAN. Inside the VM, the interface is non-tagged and simply is configured with its IP address, no VLAN.

To further diagnose things, the following steps might be helpful:

  • via “ifconfig” on the command line, configure the host VLAN interface with an IP address (i.e. the IP address of the VM - which of course needs to be stopped for this test) and ping the default router’s IP address (192.168.23.1? Your network folks ought to have told you)

  • if that works: unconfigure that IP address (by setting it to 0.0.0.0, again via ifconfig) and configure your VM to connect its LAN interface to the host’s VLAN (i.e. by specifying the host’s VLAN interface as the one to bind to) and start up the VM, configure the VM’s interface with the IP address and ping the default router

  • if that works: verify that you have the proper default route configured inside the VM and start pinging hosts out there, plus your host’s IP address

Once steps above fail, either correct yourself or come back here with details and we’ll try to sort things out.

Regards,
Jens
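
What "sent as a tagged VLAN packet and the tag is 23" means at the frame level, and why the interface inside the VM stays untagged, shown as an added example that is not part of the original posts. The MAC addresses and payload are constructed sample values.

```python
import struct

TPID_8021Q = 0x8100      # EtherType value announcing an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800

def mac(text):
    """Convert 'aa:bb:cc:dd:ee:ff' to 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))

def add_vlan_tag(frame, vid, pcp=0):
    """Insert the 4-byte 802.1Q tag after the source MAC (host side, on transmit)."""
    if not 1 <= vid <= 4094 or not 0 <= pcp <= 7:
        raise ValueError("VLAN ID must be in 1..4094 and priority in 0..7")
    tci = (pcp << 13) | vid          # priority (3 bits), DEI = 0, VLAN ID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_frame(frame):
    """Return VLAN ID (None if untagged), inner EtherType and payload."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vid, offset = None, 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vid, offset = tci & 0x0FFF, 18
    return {"vlan": vid, "ethertype": ethertype, "payload": frame[offset:]}

def strip_vlan_tag(frame):
    """Remove the tag again (host side, on receive, before the bridge hands it to the VM)."""
    if parse_frame(frame)["vlan"] is None:
        return frame
    return frame[:12] + frame[16:]

# Constructed sample: the untagged frame a guest on 192.168.23.0/24 would emit.
GUEST_FRAME = (mac("ff:ff:ff:ff:ff:ff") + mac("52:54:00:12:34:56")
               + struct.pack("!H", ETHERTYPE_IPV4) + b"constructed payload")
ON_THE_WIRE = add_vlan_tag(GUEST_FRAME, 23)   # what the switch port must see

if __name__ == "__main__":
    print("guest side :", parse_frame(GUEST_FRAME)["vlan"])
    print("switch side:", parse_frame(ON_THE_WIRE)["vlan"], ON_THE_WIRE[12:16].hex())
```

The tag is four bytes in the Ethernet header, so the IP addresses themselves are unchanged; only the host's VLAN interface adds and removes it.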

Hello, I know it has been a while, I got it working, but I’m not sure if it is right. I’m starting to have Problems again.
On the Host Server with Yast2:
eth1 is connected to Switch and has IP: 192.168.111.189/24 Gateway 192.168.111.100 HOSTNAME
eth0 is connected to Switch and has IP: 0.0.0.0/24 (here I also found it should be set to 0.0.0.0/32, which I did on another Host Server. Both seem to work.)
vlan1 set eth0, IP:0.0.0.0/32 NO HOSTNAME (according to my Network Section for network 192.168.1.0)
vlan23 set eth0, IP:0.0.0.0/32 NO HOSTNAME (according to my Network Section for network 192.168.23.0)
br1 set to vlan1, IP:0.0.0.0/32 NO HOSTNAME
br23 set to vlan1, IP:0.0.0.0/32 NO HOSTNAME

I have 3 Host Servers, each with 3 to 6 VM Servers installed. They seemed to be fine, until I wanted to install another Host Server. As soon as it booted, I got on all Host Servers:
br23: received packet on vlan23 with own address as source address
br23: received packet on vlan23 with own address as source address
br1: received packet on vlan1 with own address as source address
br1: received packet on vlan1 with own address as source address
The Servers got the above message every 2 minutes until I shut the Server down. So I completely reinstalled it and got the same thing. I have googled now for 2 days and have not found any solution.
Do you have Ideas?

The guest Servers are connected with br1 or br23 using vnet and virtio Network from KVM.

[ continued in https://forums.suse.com/showthread.php?7962-Tagged-VLAN-with-KVM ]