[libvirt-users] Recommended change for the networking page in wiki
Laine Stump
laine at laine.org
Fri Jun 12 17:14:30 UTC 2015
On 06/12/2015 11:29 AM, BJ wrote:
> So should I go ahead and make the changes to the script that I suggested?
I wanted to verify that it worked okay with your changed, but got a bit
sidetracked by the fact that the redirection no longer works at all on
my Fedora system as of F22. Since I don't have time to figure out what
the problem is there, and you say that it works for you with this
addition, I guess go ahead and make the change.
You may want to look into the following though:
1) using the "network" hook instead of the "qemu" hook (the network hook
didn't exist at the time this hook was written)
2) installing rinetd and having the hook script add/remove a line in
rinetd.conf and signal it. This would eliminate all the potential points
of failure related to doing it with iptables DNAT rules. (I've been
meaning to try that out since someone suggested it a month or two ago,
but it is *way* down on my list).
Thanks for taking the time/effort to follow up on this!
>
> Thanks,
> BJ
>
> On Mon, Jun 8, 2015 at 3:21 PM, Eric Blake <eblake at redhat.com
> <mailto:eblake at redhat.com>> wrote:
>
> On 06/08/2015 02:43 PM, Laine Stump wrote:
> >> However, if I changed the destination address from "anywhere"
> to the
> >> IP of the host machine, the problem resolved. So I change the
> script
> >> to as follows. (Changes are highlighted. For some reason the
> original
> >> script didn't work using /bin/sh, but it did with /bin/bash, so I
> >> changed that too).
> >
> > I don't know for sure, but my guess is that this line:
> >
> > length=$(( ${#Host_port[@]} - 1 ))
>
> Correct - that line is a bashism, and is not portable when /bin/sh
> is dash.
>
> >
> > which was added by vgerris in order to support forwarding of
> multiple
> > ports, could be what's causing the incompatibility (that wasn't
> in the
> > original, simpler version of the script, written by me.)
> >
> >>
> >> *#!/bin/bash*
> >> # used some from advanced script to have multiple ports: use an equal
> >> number of guest and host ports
> >>
> >> Guest_name=xxxxxxx
> >> Guest_ipaddr=xxx.xxx.xxx.xx
> >> *Host_ipaddr=xxx.xxx.xxx.xx*
> >> Host_port=( '80' '443' )
> >> Guest_port=( '80' '443' )
>
> In fact, these two lines are also bashisms. All the more reason to
> require bash.
>
> >> length=$(( ${#Host_port[@]} - 1 ))
> >> if [ "${1}" = "${Guest_name}" ]; then
> >> if [ "${2}" = "stopped" -o "${2}" = "reconnect" ]; then
>
> test ... -o ... (also spelled [ ... -o ... ]) is not portable, even on
> bash. There are some expressions that are completely ambiguous on how
> to be parsed, when -o is in the mix. It is better to spell it: [
> ... ]
> || [ ... ] (that is, use the shell's || instead of test's -o to do the
> conjunction).
>
> >> for i in `seq 0 $length`; do
>
> seq is not portable outside of GNU/Linux systems.
>
> >> Lastly, I should note that I am using Ubuntu 14.04, both for
> the host
> >> and guest.
>
> Yep, that's a system that uses dash for /bin/sh.
>
> >>
> >> I'm also curious as to why this is considered a hack method. It
> states
> >> in the wiki that "This method is a hack", but it doesn't
> express why.
> >
> > I consider it a hack because:
> >
> > 1) It requires the IP address of the guest to be known before
> the guest
> > is started, so either you need to guess the guest's IP (if the
> guest is
> > getting its IP address via dhcp) or configured the guest IP
> address in
> > multiple places.
>
> Although recent work has been made to get libvirt to add an API that
> queries the guest for its IP address, once the guest is running.
>
> --
> Eric Blake eblake redhat com +1-919-301-3266
> <tel:%2B1-919-301-3266>
> Libvirt virtualization library http://libvirt.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20150612/0ad99432/attachment.htm>
More information about the libvirt-users
mailing list