[libvirt] RFC: automatic setting of ip_forwarding (or not)
Justin Clift
jclift at redhat.com
Thu Oct 7 11:57:12 UTC 2010
On 10/07/2010 10:48 PM, Zdenek Styblik wrote:
> On 10/04/2010 08:13 PM, Laine Stump wrote:
<snip>
>> Exactly one of my points. libvirt really wants (no, *needs*) this to be
>> on for virtual networks, but it's very likely there was a reason for it
>> being turned off, so the admin should at the very least be alerted that
>> it's being turned on, or the fact that it's off should be logged in some
>> way to assure it gets the admin's attention so they can make the proper
>> judgement call.
>>
>
> Only thing that popped in my head was: admin should read documentation :(
Is this the kind of behavioural thing that we should have a "reasonable
default" for, plus allow for it to be configured differently via
libvirtd.conf?
were_special_really_really_really_please_dont_enable_ipforwarding = 1
:)
> Once again I'm going to "troll" about this and bundled everything inside
> one thing. As I've said many times already, I'm pro-external things as
> DHCP, firewall ... whatever. On the other hand, I realize the point of
> libvirt might be to ship out-of-the-box solution like it is now.
> I mean, tell admin what to add if he wants this and that; or make
> external hooks, or whatever. That's hard to say, because there is no one
> ultimate solution.
Using the words "hooks" here makes me wonder if we could do the needed
work through having network hook scripts in place (with appropriate bits
to call them), and whether it would be a useful way of doing things.
(absolutely no idea if it's even feasible. :>)
More information about the libvir-list
mailing list