[libvirt-users] Recommended change for the networking page in wiki

BJ taylors2004 at gmail.com
Fri Jun 12 18:11:09 UTC 2015 

I'll go ahead and update it with my current script for now, but I'll do
some research next week on those items you just mentioned, and see if I can
make further improvements on the script. I'll let you know how that goes.

Thanks,
BJ

On Fri, Jun 12, 2015 at 11:14 AM, Laine Stump <laine at laine.org> wrote:

>  On 06/12/2015 11:29 AM, BJ wrote:
>
> So should I go ahead and make the changes to the script that I suggested?
>
>
> I wanted to verify that it worked okay with your changed, but got a bit
> sidetracked by the fact that the redirection no longer works at all on my
> Fedora system as of F22. Since I don't have time to figure out what the
> problem is there, and you say that it works for you with this addition, I
> guess go ahead and make the change.
>
> You may want to look into the following though:
>
> 1) using the "network" hook instead of the "qemu" hook (the network hook
> didn't exist at the time this hook was written)
>
> 2) installing rinetd and having the hook script add/remove a line in
> rinetd.conf and signal it. This would eliminate all the potential points of
> failure related to doing it with iptables DNAT rules. (I've been meaning to
> try that out since someone suggested it a month or two ago, but it is *way*
> down on my list).
>
> Thanks for taking the time/effort to follow up on this!
>
>
>
>
>  Thanks,
> BJ
>
> On Mon, Jun 8, 2015 at 3:21 PM, Eric Blake <eblake at redhat.com> wrote:
>
>> On 06/08/2015 02:43 PM, Laine Stump wrote:
>> >> However, if I changed the destination address from "anywhere" to the
>> >> IP of the host machine, the problem resolved. So I change the script
>> >> to as follows. (Changes are highlighted. For some reason the original
>> >> script didn't work using /bin/sh, but it did with /bin/bash, so I
>> >> changed that too).
>> >
>> > I don't know for sure, but my guess is that this line:
>> >
>> >   length=$(( ${#Host_port[@]} - 1 ))
>>
>> Correct - that line is a bashism, and is not portable when /bin/sh is
>> dash.
>>
>> >
>> > which was added by vgerris in order to support forwarding of multiple
>> > ports, could be what's causing the incompatibility (that wasn't in the
>> > original, simpler version of the script, written by me.)
>> >
>> >>
>> >> *#!/bin/bash*
>> >> # used some from advanced script to have multiple ports: use an equal
>> >> number of guest and host ports
>> >>
>> >> Guest_name=xxxxxxx
>> >> Guest_ipaddr=xxx.xxx.xxx.xx
>> >> *Host_ipaddr=xxx.xxx.xxx.xx*
>> >> Host_port=( '80' '443' )
>> >> Guest_port=( '80' '443' )
>>
>> In fact, these two lines are also bashisms.  All the more reason to
>> require bash.
>>
>> >> length=$(( ${#Host_port[@]} - 1 ))
>> >> if [ "${1}" = "${Guest_name}" ]; then
>> >>    if [ "${2}" = "stopped" -o "${2}" = "reconnect" ]; then
>>
>> test ... -o ... (also spelled [ ... -o ... ]) is not portable, even on
>> bash.  There are some expressions that are completely ambiguous on how
>> to be parsed, when -o is in the mix.  It is better to spell it: [ ... ]
>> || [ ... ] (that is, use the shell's || instead of test's -o to do the
>> conjunction).
>>
>> >>        for i in `seq 0 $length`; do
>>
>> seq is not portable outside of GNU/Linux systems.
>>
>> >> Lastly, I should note that I am using Ubuntu 14.04, both for the host
>> >> and guest.
>>
>> Yep, that's a system that uses dash for /bin/sh.
>>
>> >>
>> >> I'm also curious as to why this is considered a hack method. It states
>> >> in the wiki that "This method is a hack", but it doesn't express why.
>> >
>> > I consider it a hack because:
>> >
>> > 1) It requires the IP address of the guest to be known before the guest
>> > is started, so either you need to guess the guest's IP (if the guest is
>> > getting its IP address via dhcp) or configured the guest IP address in
>> > multiple places.
>>
>> Although recent work has been made to get libvirt to add an API that
>> queries the guest for its IP address, once the guest is running.
>>
>> --
>> Eric Blake   eblake redhat com    +1-919-301-3266
>> Libvirt virtualization library http://libvirt.org
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20150612/e43647b8/attachment.htm>

More information about the libvirt-users mailing list