[libvirt] KVM doesn't send an arp announce after live migrating a domain

Laine Stump laine at laine.org
Wed Aug 25 13:02:16 UTC 2010 

  On 08/25/2010 07:59 AM, Avi Kivity wrote:
>  On 08/25/2010 02:42 PM, Daniel P. Berrange wrote:
>>
>>> Is virt-manager able to drive this?  it would be great if you could
>>> drive everything from there.
>> Yes, it does now, under the menu Edit ->  Host Details ->  Network 
>> Interfaces
>> NetworkManager has also finally learnt to ignore ifcfg-XXX files which
>> have a BRIDGE= setting in them, so it shouldn't totally trash your guest
>> bridge networking if you leave NM running.


There are a couple of caveats remaining, though:

1) When a bridge is created and a physical interface is moved to it, 
there is a short delay (< 1 sec, but > 0) when NM hasn't yet processed 
the inotify message from the kernel, and so doesn't yet know that it's 
supposed to stop managing that interface. The result is that if you 
attempt to do "virsh iface-create br0.xml && virsh iface-start br0" 
(where br0 is becoming the master for an interface, eg "eth0" that 
previously was being used directly), the resulting "ifup" (part of 
iface-start) will fail. A delay of even 1 sec. eliminates this problem. 
This race condition will hopefully soon be remedied in NM.

Having this functionality in virt-manager really has made it dead simple 
to create a bridge, especially if NM is disabled, in which case the 
host's ethernet switches from direct connnect to bridged with no 
interruption in open connections on the interface (ie, it's possible to 
create and bring up the bridge while connected via the interface you are 
bridging).

2) If the physical interface being bridged is the only interface managed 
by NM, once it is moved to the bridge (and thus no longer managed by 
NM), NM will believe that the system is "offline", and any applications 
paying attention to that status will lose their connectivity. This isn't 
a problem if there is any other interface that's still managed by NM 
(the bridges themselves are not yet managed by NM - so far it just 
pretends they don't exist, as it does with vlans and bonds, as well as 
interfaces that are attached to a bridge).


>
> Cool.  I guess what remains is to get people to unlearn all the 
> previous hacks.


Yes, I need to add a section to the docs Daniel pointed to that suggest 
using the virsh iface-* commands (or virt-manager's functionality) when 
available, and to only do it the handmade way if netcf isn't there 
(meaning that iface-* won't be there).


>
> (also would be nice to have libvirt talk to NetworkManager instead of 
> /etc/sysconfig)
>

To solve the variations of problem (2) above, NM needs to understand 
bridges, including configuring them, and there is some amount of 
consensus (including from the NM team :-) that a good way for NM to 
configure bridges (as well as vlans and bonds) is to use the netcf 
library, as libvirt does. The biggest hurdle is finding the people 
resources to get it done ;-)

So, instead of libvirt-->netcf-->NM-->sysconfig, the diagram would be 
libvirt/NM-->netcf-->sysconfig.

More information about the libvir-list mailing list