Hello,
I’m going to explain my scenario in OpenNebula (updated today to 5.8.5)
- one OpenNebula machine that acts as server and as KVM node too
- one virtual network (name N_10), with Internet connection (NAT from server), with network address 10.10.10.0 and this configuration:
[oneadmin@system ~]$ onevnet show 0
VIRTUAL NETWORK 0 INFORMATION
ID : 0
NAME : Internet
USER : oneadmin
GROUP : oneadmin
LOCK : None
CLUSTERS : 0
BRIDGE : br0
VN_MAD : fw
AUTOMATIC VLAN ID : NO
AUTOMATIC OUTER VLAN ID : NO
USED LEASES : 112

PERMISSIONS
OWNER : um-
GROUP : ---
OTHER : ---

VIRTUAL NETWORK TEMPLATE
BRIDGE="br0"
DESCRIPTION="Internet access"
DNS="my DNSs"
GATEWAY="10.10.10.1"
NETWORK_ADDRESS="10.10.10.0"
NETWORK_MASK="255.255.255.0"
PHYDEV=""
SECURITY_GROUPS="0"
VN_MAD="fw"

ADDRESS RANGE POOL
AR 0
SIZE : 253
LEASES : 112

RANGE FIRST LAST
MAC 02:00:0a:0a:0a:02 02:00:0a:0a:0a:fe
IP 10.10.10.2 10.10.10.254
- a second virtual network (name N_20), without Internet connection, with network address 20.20.20.0 and this configuration:
[oneadmin@system ~]$ onevnet show 1
VIRTUAL NETWORK 1 INFORMATION
ID : 1
NAME : Middle
USER : oneadmin
GROUP : oneadmin
LOCK : None
CLUSTERS : 0
BRIDGE : br2
VN_MAD : fw
AUTOMATIC VLAN ID : NO
AUTOMATIC OUTER VLAN ID : NO
USED LEASES : 177

PERMISSIONS
OWNER : um-
GROUP : ---
OTHER : ---

VIRTUAL NETWORK TEMPLATE
BRIDGE="br2"
DESCRIPTION="Middle"
NETWORK_ADDRESS="20.20.20.0"
NETWORK_MASK="255.255.254.0"
PHYDEV=""
SECURITY_GROUPS="0"
VLAN_ID=""
VN_MAD="fw"

ADDRESS RANGE POOL
AR 0
SIZE : 500
LEASES : 177

RANGE FIRST LAST
MAC 02:00:14:14:14:02 02:00:14:14:15:f5
IP 20.20.20.2 20.20.21.245
- server doing NAT with this iptables rule in table NAT:
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.10.10.0/24 -o br0 -j MASQUERADE
COMMIT
- a linuxbridge br0 connected to physical device eth0
[oneadmin@system ~]$ brctl show
bridge name bridge id STP enabled interfaces
br0 8000.801844ee6b34 no eth0
- this bridge br0 has two IP addresses: a public IP address and 10.10.10.1
- another bridge, br2, with no IP address and not connected to any physical device
- in OpenNebula, both virtual networks are created with “Bridged and Security Groups” mode. Neither N_10 nor N_20 has a physical device connected
Now, I will explain what I got this morning:
After creating two instances, both of them with two network interfaces, each of them connected to each virtual network, I have reconfigured inside the instances the IP addresses assigned to them. For example, in both instances I have reconfigured the second network interface, changing the address from range 20.20.20.X to a “new” range 123.1.1.X. The OpenNebula scheduler doesn’t know what I have done inside the instance… Now, after restarting the networking daemon, I can ping from 123.1.1.2 to 123.1.1.3… but both instances were connected to virtual network 20.20.20.0…
Why?
Thanks.