[libvirt] RFC: automatic setting of ip_forwarding (or not)
Eric Blake
eblake at redhat.com
Fri Oct 1 20:40:35 UTC 2010
On 10/01/2010 12:46 PM, Laine Stump wrote:
> 3) Whenever a virtual network that would require ip_forward = 1 to
> operate properly is started (ie at libvirtd start time, and when a
> network is newly defined), check if it's currently on, and if not log a
> warning message, informing the admin that they should turn on ip_forward
> in sysctl.conf and reload it in order to have properly working networking.
>
> This would assure that the admin was informed of the necessity for
> ip_forward, but eliminate the possibility of two processes fighting over
> the setting of ip_forward, leaving it up to the admin to make the
> decision and do the right thing. On the other hand, it would prevent
> libvirt's networking from "just working" on a new install.
Option 3 is consistent with what we just checked in for nwfilter vs.
/proc/sys/net/bridge/bridge-nf-call-ip[6]tables in commit 570d040435.
On the surface, I'm liking that option best - tell the user that we
can't do what they asked because it requires them to make a conscious
admin decision; even though it unfortunately doesn't play nicely with
out-of-the-box installation (and that matters more for user attitudes
than anything else, in my experience).
> 4) Turn ip_forward on during libvirt install.
>
> This one doesn't make sense to me, because you don't know at the time of
> libvirt install whether or not the installation if going to end up with
> any virtual networks that need forwarding.
Now, thinking a bit outside the box: is it possible to create a
libvirt-network package, whose sole purpose is to turn on the ip_forward
setting at install time? That is, the main libvirt package doesn't
touch the setting, but an optional add-on package does; that way, users
can choose whether to install one or both packages, depending on their
intended usage patterns. In other words, I think point 4 via split
packaging solves this nicely.
> I think the important things to accomplish are:
> 1) Avoid having networking magically stop working when someone else
> reloads sysctl.conf
Agreed. Point 3 meets this, but by putting the burden on the sysadmin.
Point 4 also meets it by actually changing the persistent config, if
the optional package is installed.
>
> 2) Make sure that the admin realizes that ip_forward is being turned on
> (or needs to be turned on).
Point 3 meets this via error message; point 4 meets this by explicitly
requesting the extra package.
>
> 3) If we're going to turn it on, at least don't do it if it's not needed.
Point 3 meets this by leaving it up to the sysadmin; point 4 meets this
by leaving the optional package out.
>
> 4) Something else we need to consider is the ability to provision a host
> for proper guest networking purely through the libvirt API, and if we
> were to stop turning on ip_forward automatically when a network was
> started, that wouldn't work anymore (unless ip_forward happened to be
> turned on already).
Not sure how best to address this through just libvirt API.
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
More information about the libvir-list
mailing list