hi everybody I'm looking at my setup and got stuck I have a box with two NICs on the same subnet, and another box similar, also two NICs on one subnet, all four NICs are on the same subnet. Now, that second box has also a virtual NIC (libvirtd's bridge route mode) and VMs guests are using it, traffic to that virtual net is routed via 1st real NIC. This second box dhcrelays to the first box(dhcpd). I see box-dhcrelay forwards to box-dhcpd, I see box-dhcpd receives and offers a lease but that VM guest does not get it. I have policy routing manually set in place so both boxes can ping each other all NICs. (including virtual NIC on the box-dhcrelay) Moreover, that VM guest can ping both boxes' all NICs when its IP address is set to manual. It's RHEL7 and I'm only trying IPv4. I'm hoping some can rule out (or suggest what might be broken in) libvirt/policy based routing. I see those offers box-dhcpd makes are exactly for the subnet of box-dhcrelay's virtual NIC/subnet. It's a pickle. An expert's thought would be great to hear.
Okay. I may be missing something; from what you explicitly write about subnets, it sounds like you only have one, but if you don't have two subnets, why do you need a DHCP relay? SO. Assuming you have two subnets: * It sounds as if your DHCP request is generating an ACK. * I'm 99% sure your ACK has to traverse the DHCP helper and wend its way back to the originating host. So I'd focus on the DHCP relay, to be sure that the ACK with lease info is both arriving at it, and then being unicast to the MAC. tcpdump on respective interfaces should do the trick (something like "tcpdump -i <dhcp-server-facing interface> port 67" or somesuch to see if it arrives, then swap it around to the other interface to see if it leaves). Good luck! -Ken P.S. I don't claim to be an expert, but I like to think I have a decent handle on DHCP. If someone sees a flaw in my thinking, please do pipe up -- I admit that this virtual stuff can be counterintuitive at times. On 2015-11-10 12:11, lejeczek wrote:> hi everybody > > I'm looking at my setup and got stuck > > I have a box with two NICs on the same subnet, and another box > similar, also two NICs on one subnet, all four NICs are on the same > subnet. > > Now, that second box has also a virtual NIC (libvirtd's bridge route > mode) and VMs guests are using it, traffic to that virtual net is > routed via 1st real NIC. This second box dhcrelays to the first > box(dhcpd). > > I see box-dhcrelay forwards to box-dhcpd, I see box-dhcpd receives and > offers a lease but that VM guest does not get it. > > I have policy routing manually set in place so both boxes can ping > each other all NICs. (including virtual NIC on the box-dhcrelay) > Moreover, that VM guest can ping both boxes' all NICs when its IP > address is set to manual. > > It's RHEL7 and I'm only trying IPv4. > I'm hoping some can rule out (or suggest what might be broken in) > libvirt/policy based routing. > I see those offers box-dhcpd makes are exactly for the subnet of > box-dhcrelay's virtual NIC/subnet. > > It's a pickle. An expert's thought would be great to hear. > > _______________________________________________ > libvirt-users mailing list > libvirt-users@redhat.com > https://www.redhat.com/mailman/listinfo/libvirt-users
On 10/11/15 19:58, Ken D'Ambrosio wrote:> Okay. I may be missing something; from what you > explicitly write about subnets, it sounds like you only > have one, but if you don't have two subnets, why do you > need a DHCP relay? SO. Assuming you have two subnets:yes, that - virtual NIC (libvirtd's bridge route mode) - I realize might have not been explicit, there is the second subnet. I' try to sniff that traffic. thanks> > * It sounds as if your DHCP request is generating an ACK. > * I'm 99% sure your ACK has to traverse the DHCP helper > and wend its way back to the originating host. > > So I'd focus on the DHCP relay, to be sure that the ACK > with lease info is both arriving at it, and then being > unicast to the MAC. tcpdump on respective interfaces > should do the trick (something like "tcpdump -i > <dhcp-server-facing interface> port 67" or somesuch to see > if it arrives, then swap it around to the other interface > to see if it leaves). > > Good luck! > > -Ken > > P.S. I don't claim to be an expert, but I like to think I > have a decent handle on DHCP. If someone sees a flaw in > my thinking, please do pipe up -- I admit that this > virtual stuff can be counterintuitive at times. > > > On 2015-11-10 12:11, lejeczek wrote: >> hi everybody >> >> I'm looking at my setup and got stuck >> >> I have a box with two NICs on the same subnet, and >> another box >> similar, also two NICs on one subnet, all four NICs are >> on the same >> subnet. >> >> Now, that second box has also a virtual NIC (libvirtd's >> bridge route >> mode) and VMs guests are using it, traffic to that >> virtual net is >> routed via 1st real NIC. This second box dhcrelays to the >> first >> box(dhcpd). >> >> I see box-dhcrelay forwards to box-dhcpd, I see box-dhcpd >> receives and >> offers a lease but that VM guest does not get it. >> >> I have policy routing manually set in place so both boxes >> can ping >> each other all NICs. (including virtual NIC on the >> box-dhcrelay) >> Moreover, that VM guest can ping both boxes' all NICs >> when its IP >> address is set to manual. >> >> It's RHEL7 and I'm only trying IPv4. >> I'm hoping some can rule out (or suggest what might be >> broken in) >> libvirt/policy based routing. >> I see those offers box-dhcpd makes are exactly for the >> subnet of >> box-dhcrelay's virtual NIC/subnet. >> >> It's a pickle. An expert's thought would be great to hear. >> >> _______________________________________________ >> libvirt-users mailing list >> libvirt-users@redhat.com >> https://www.redhat.com/mailman/listinfo/libvirt-users > >