1
Hi I've been struggling to get guest networking working when using a macvtap in VEPA mode between two VMs on a host. I've spent hours (days) googling with no joy. Does this network configuration actually work?
I created the vtap's using KVM Manager by adding a NIC, selecting Network source "macvtap", Source mode VEPA, Device model: virtio.
The configuration looks like this (mac address):
vm3-62 vm2-62
---------- ------------
eth1: 172.15.62.105 eth1: 172.15.62.205
(52:54:00:08:9d:8b) (52::54:00:8a:b1:0f)
+ +
| |
\ /
\ host /
macvtap1 macvtap0
(52:54:00:08:9d:8b) (52:54:00:8a:b1:0f)
\ /
\ /
\ /
bond1.62
(98:03:9b:2d:91:a2)
|
bond1
|
NIC port 1 and 2 (active/passive config)
Not sure if the above will format ok, If the above diagram did not format here is a jpeg
The host NIC is connected to a cisco nexus 9000, which I have configured for Reflective Relay 802.1Qbg.
On vm2-62 when I try ping 172.15.62.105, I get Destination Host Unreachable.
When I use tcpdump on the host, I can see the ARP request from vm2-62 looking for the mac for 172.15.62.105 (vm3-62). I can see the request on macvtap0, and on bond1.62 and on bond1, but NOT on macvtap1.
If I manually add ARP entries on vm3-62 & vm2-62, the ping works fine so I think the reflective relay on the switch is configured ok.
It just seems that either the switch is not bouncing back the ARP request or I need to do something in Linux to enable bond1.62 to forward the ARP request to macvtap1.
Any thoughts? .
Thanks
Great first question. I'm not sure what's wrong but hopefully someone will have a helpful answer for you soon!.However considering the speciality of the question, it maybe worth asking it at https://networkengineering.stackexchange.com/ if you have no luck.
– djsmiley2k TMW – 2019-11-11T18:31:35.760Thanks - posted – Bren – 2019-11-11T21:21:24.243
Actually found a similar question on this site that's why I posted : "How to configure macvtap to let it pass multicast packet correctly?" – Bren – 2019-11-12T18:06:01.997
Just an update, so I found a similar question to this at : https://superuser.com/questions/944678/how-to-configure-macvtap-to-let-it-pass-multicast-packet-correctly/1501508#1501508, but it has not been active in a while, and I did try the solutions suggested, "ip link set dev macvtap0 allmulticast on" manually and also in the /etc/libvirt/hook/qemu, and added "interface type='direct' trustGuestRxFilters='yes'" to the vm file with virsh edit. But they did not help.
– Bren – 2019-11-13T11:21:55.430