On 10/03/2012 10:08 PM, Gene Czarcinski wrote:
> OK, either I have taken a stupid pill and am missing something basic or
> routed networks do not work.

I use routed networks, but they require some extra work. The docs [1] say that "This is a variant on the default network which routes traffic from the virtual network to the LAN without applying any NAT. It requires that the IP address range be pre-configured in the routing tables of the router on the host network." (emphasis mine)

The way I read into this is that you are responsible for routing packets yourself. The docs say that you have to use IP addresses that are visible by the host and external machines and configure your routing table, so that it forwards packets to the VMs.

I am not sure how to do that, but I have a different solution -- I use a pair of IP addresses for each VM: external (real and configured on the host) and internal. Then I have a SNAT + DNAT pair of iptables rules that expose the VM to the outside world in a manner similar to the one used in DMZ setups:

    ubuntu@thehost:~$ sudo iptables -t nat -L -n
    Chain PREROUTING (policy ACCEPT)
    target     prot opt source               destination
    DNAT       all  --  0.0.0.0/0            X.Y.Z.120           to:10.1.1.2
    ...
    Chain POSTROUTING (policy ACCEPT)
    target     prot opt source               destination
    SNAT       all  --  10.1.1.2             0.0.0.0/0           to:X.Y.Z.120

I am not sure if anyone else is doing the SNAT/DNAT thing to routed networks, but it's been working quite nicely for me so far.

Best,
Hristo

[1] http://libvirt.org/formatnetwork.html#examplesRoute
_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users
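An added example, not part of the original message: a small Python audit of `iptables -t nat -L -n` output that checks every whole-address DNAT rule has the matching SNAT rule in the other direction, since a one-sided mapping either exposes a VM with no stable return address or leaves an external address unused. The sample listing, its addresses and the function names are constructed for illustration.

```python
import re

# Constructed sample in the layout of `iptables -t nat -L -n`; the addresses
# are documentation/private placeholders, not values from the message above.
SAMPLE = """\
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       all  --  0.0.0.0/0            192.0.2.120          to:10.1.1.2
DNAT       all  --  0.0.0.0/0            192.0.2.121          to:10.1.1.3

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
SNAT       all  --  10.1.1.2             0.0.0.0/0            to:192.0.2.120
"""

# Matches only whole-address rules (target, prot, opt, source, destination,
# then "to:"), the shape used in the message; per-port rules are skipped.
RULE = re.compile(r"^(DNAT|SNAT)\s+\S+\s+\S+\s+(\S+)\s+(\S+)\s+to:(\S+)")

def parse_nat(listing):
    """Return (dnat, snat): dnat maps external->internal, snat internal->external."""
    dnat, snat, chain = {}, {}, None
    for line in listing.splitlines():
        if line.startswith("Chain "):
            chain = line.split()[1]
            continue
        m = RULE.match(line.strip())
        if not m:
            continue
        target, src, dst, to = m.groups()
        if target == "DNAT" and chain == "PREROUTING":
            dnat[dst] = to
        elif target == "SNAT" and chain == "POSTROUTING":
            snat[src] = to
    return dnat, snat

def audit(listing):
    """List mappings that are not a symmetric external<->internal pair."""
    dnat, snat = parse_nat(listing)
    problems = []
    for ext, internal in sorted(dnat.items()):
        if snat.get(internal) != ext:
            problems.append(f"{ext} -> {internal}: no matching SNAT back to {ext}")
    for internal, ext in sorted(snat.items()):
        if dnat.get(ext) != internal:
            problems.append(f"{internal} -> {ext}: no matching DNAT from {ext}")
    return problems

if __name__ == "__main__":
    for problem in audit(SAMPLE):
        print(problem)
```

Because the DNAT rules match all protocols, every port on the VM is reachable on its external address, so filtering belongs in the FORWARD chain or on the guest itself.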