[libvirt] interface "peer address" patches are broken
Laine Stump
laine at laine.org
Mon Apr 25 17:57:30 UTC 2016
I haven't had the time to fix it yet, but wanted to point out that the
patches that are supposed to support setting the peer address of
tap/macvlan devices do not work. The problem is that the peer attribute
isn't being included when the XML for a a domain interface is being
formatted.
I also sent the following message last week as a followup to the patch
series; possibly it wasn't noticed for that reason:.
I'll make a patch to fix the formatting when I can so that I can test my
theory about address vs. peer on lxc vs qemu. But if it's fixed by
someone else in the meantime, all the better :-)
On 04/20/2016 12:36 PM, Laine Stump wrote:
> Something I've found myself worrying about lately while driving in the
> car or nodding off to sleep - are the "address" and "peer" attributes
> effectively used in the same way for all network connection types and
> both hypervisors? I think the answer may be "no", and if so we need to
> fix that before they go out in a release.
>
> In particular, when an lxc domain's interface has:
>
> <ip address='192.168.128.1'/>
>
> That is the IP address seen by the guest, not the host. So I would
> assume that if an LXC domain had:
>
>
> <ip address='192.168.128.1' peer='192.168.128.2'/>
>
> that 192.168.128.1 would still be the IP address see by the guest, and
> 192.168.128.2 would be the IP address on the host side; and it should
> be the same for qemu.
>
> From what I can see of the code, though, on a qemu domain, the IP
> address is set for the tap device's own IP, meaning that it would show
> up on the *host* side, while the peer address would be what the host
> expects to be at the other end of the tap device (i.e. the guest
> side), so the two attributes are used for the *opposite* end of the
> PTP link in lxc vs. qemu.
>
> I think that, instead, the "address" attribute should *always* be the
> IP address that is seen/used by the guest, and the "peer" attribute
> should be the IP address that is seen/used by the host. (perhaps
> "peer" could be replaced with some other name, like "host" or
> "hostAddress" to avoid confusion? (don't like either of those
> alternatives, but I don't really like peer either)).
>
> Aside from that, I can see that these patches have been pushed in the
> code that I'm running, and I've been trying to add "peer='blah'" to
> interface IP addresses on my test machine, but it's just removed from
> the config. Have you tested what got pushed? Has something gone wrong?
>
> Since there hasn't been a release with these patches included yet,
> there is still time to fix it at least to be consistent (assuming that
> my suspicions are correct; I've been unable to test it myself for the
> reason above).
More information about the libvir-list
mailing list