On 11/16/2011 08:46 AM, William A. Mahaffey III wrote: >>> The route command on the host will show the newly added routes for the >>> VM. Also, tail your syslog file & you will see messages about every 15 >>> min. from dnsmasq w/ the IP adder. of the VM. >> > > & I definitely agree that virsh *should* show that info :-) .... This has been an oft-requested feature, but no one has yet submitted patches. The closest we have is that use of nwfilter can snoop a guest's address, but this isn't yet exposed to the user via an easy-to-access API. If you set up a DHCP server to assign guest IP addresses based on guest MAC address, then you know what IP address the guest should have. But if this is not the case, then the only way libvirt can learn this is by snooping - libvirt can snoop DHCP traffic to learn what an external dhcp server is giving to the guest, as well as snoop guest traffic to see what address the guest appears to be using. But a malicious guest can spoof this snooping, not to mention that a guest that uses multiple IP addresses on a single interface may confuse libvirt, which will probably only snoop the first address used. And a guest that never initiates traffic is hard to snoop - making it hard to know what address to use for ssh into the guest. There are also plans to make use of a guest agent for communicating the guest IP address back over the agent channel (right now, libvirt's only use of a guest agent is for triggering guest shutdown), but again this relies on the agent being present in the guest and cannot be deemed 100% reliable. Use of libvirt guest console features tends to be more reliable than trying to ssh into a guest, since that bypasses the need to learn the guest's IP address. -- Eric Blake eblake@xxxxxxxxxx +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
