[libvirt] Need review of new vswitch concept info for technical accuracy

Stefan Berger stefanb at linux.vnet.ibm.com
Tue Oct 19 15:05:55 UTC 2010 

  On 10/16/2010 03:01 PM, Justin Clift wrote:
> Hi all,
>
> Working on the "Foundation Concepts" for virtual switches at the moment.
>
> Does anyone have time/inclination to check over the concept graphics
> thus far, for technical accuracy?
>
> Especially the "Routing mode" and "Non-routing" mode ones, as I'm not
> sure if that's the right terminology for them:
>
>   http://wiki.libvirt.org/page/VirtualNetworking#Routing_mode
>   http://wiki.libvirt.org/page/VirtualNetworking#Non-routing_mode
>
> General feedback, thoughts, and suggestions are welcome too of course. :)

In case of the NAT I would mention that it is setting up Masquerading 
(rather than SNAT / DNAT) which basically only allows the VM to 
establish connections to the outside but not the other way around.


 From the page:


    Routed mode

Also commonly referred to as *bridging*. In this mode, the virtual 
switch is connected to the physical host LAN, passing guest network 
traffic back and forth without using NAT. In this mode, computers 
external to the host server directly address and communicate with guest 
virtual machines.


Routing and bridging are different, the one working on l3, the other on 
l2. So I would not say that it is 'commonly referred to as bridging', 
since this is mixing different concepts.

I suppose you describe the configuration where eth0 is plugged into the 
bridge virbr0. If yes, I would title the section as 'bridging' mode. 
Typically in this case the VMs pick up an address in the physical subnet 
from an infrastructure DHCP server and they can communicate towards the 
outside or be contacted from anywhere from the outside (assuming 
routable addresses). The addresses you are showing in the example 
picture 10.10.10.100 and 10.10.10.200 are typically 'private', thus will 
only be routed in the local network, but that's ok.

However, there is this other mode libvirt is supporting where the VM's 
interfaces are plugged in virbr0, thus they do bridging when one VM 
communicates with another VM. However, the bridge can be given an IP 
address and when a VM wants to talk to another host or VM in the network 
(beyond the VM-hosting host), the packets 'escape' the bridge, are 
routed on the Linux host towards eth0 and then delivered to the other 
host in the local subnet. Now that is a mix between routing and bridging.


    Stefan


>
> Regards and best wishes,
>
> Justin Clift
>
> -- 
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20101019/9178e1a5/attachment-0001.htm>

More information about the libvir-list mailing list