Chapter 9. Logical Networks
9.1. Logical Network Tasks
9.1.1. Performing Networking Tasks
Click on each network name and use the tabs in the details view to perform functions including:
- Attaching or detaching the networks to clusters and hosts
- Removing network interfaces from virtual machines and templates
- Adding and removing permissions for users to access and manage networks
These functions are also accessible through each individual resource.
Do not change networking in a data center or a cluster if any hosts are running as this risks making the host unreachable.
If you plan to use Red Hat Virtualization nodes to provide any services, remember that the services will stop if the Red Hat Virtualization environment stops operating.
This applies to all services, but you should be especially aware of the hazards of running the following on Red Hat Virtualization:
- Directory Services
- DNS
- Storage
9.1.2. Creating a New Logical Network in a Data Center or Cluster
Create a logical network and define its use in a data center, or in clusters in a data center.
Creating a New Logical Network in a Data Center or Cluster
-
Click
or . - Click the data center or cluster name to open the details view.
- Click the Logical Networks tab.
Open the New Logical Network window:
- From a data center details view, click New.
- From a cluster details view, click Add Network.
- Enter a Name, Description, and Comment for the logical network.
- Optionally, enable Enable VLAN tagging.
- Optionally, disable VM Network.
- Optionally, select the Create on external provider check box. This disables the Network Label, VM Network, and MTU options. See Chapter 14, External Providers for details.
Select the External Provider. The External Provider list does not include external providers that are in
read-only
mode.You can create an internal, isolated network, by selecting ovirt-provider-ovn on the External Provider list and leaving Connect to physical network unselected.
- Enter a new label or select an existing label for the logical network in the Network Label text field.
- Set the MTU value to Default (1500) or Custom.
- If you selected ovirt-provider-ovn from the External Provider drop-down list, define whether the network should implement Security Groups. See Section 9.1.7, “Logical Network General Settings Explained” for details.
- From the Cluster tab, select the clusters to which the network will be assigned. You can also specify whether the logical network will be a required network.
- If Create on external provider is selected, the Subnet tab will be visible. From the Subnet tab, select the Create subnet and enter a Name, CIDR, and Gateway address, and select an IP Version for the subnet that the logical network will provide. You can also add DNS servers as required.
- From the vNIC Profiles tab, add vNIC profiles to the logical network as required.
- Click OK.
If you entered a label for the logical network, it is automatically added to all host network interfaces with that label.
When creating a new logical network or making changes to an existing logical network that is used as a display network, any running virtual machines that use that network must be rebooted before the network becomes available or the changes are applied.
9.1.3. Editing a Logical Network
A logical network cannot be edited or moved to another interface if it is not synchronized with the network configuration on the host. See Section 9.4.2, “Editing Host Network Interfaces and Assigning Logical Networks to Hosts” on how to synchronize your networks.
Editing a Logical Network
-
Click
. - Click the data center’s name to open the details view.
- Click the Logical Networks tab and select a logical network.
- Click Edit.
Edit the necessary settings.
NoteYou can edit the name of a new or existing network, with the exception of the default network, without having to stop the virtual machines.
- Click OK.
Multi-host network configuration automatically applies updated network settings to all of the hosts within the data center to which the network is assigned. Changes can only be applied when virtual machines using the network are down. You cannot rename a logical network that is already configured on a host. You cannot disable the VM Network option while virtual machines or templates using that network are running.
9.1.4. Removing a Logical Network
You can remove a logical network from
Removing Logical Networks
-
Click
. - Click a data center’s name to open the details view.
- Click the Logical Networks tab to list the logical networks in the data center.
- Select a logical network and click Remove.
- Optionally, select the Remove external network(s) from the provider(s) as well check box to remove the logical network both from the Manager and from the external provider if the network is provided by an external provider. The check box is grayed out if the external provider is in read-only mode.
- Click OK.
The logical network is removed from the Manager and is no longer available.
9.1.5. Configuring a Non-Management Logical Network as the Default Route
The default route used by hosts in a cluster is through the management network (ovirtmgmt
). The following procedure provides instructions to configure a non-management logical network as the default route.
Prerequisite:
-
If you are using the
default_route
custom property, you need to clear the custom property from all attached hosts and then follow this procedure.
Configuring the Default Route Role
-
Click
. - Click the name of the non-management logical network to configure as the default route to access its details.
- Click the Clusters tab.
- Click Manage Network to open the Manage Network window.
- Select the Default Route checkbox for the appropriate cluster(s).
- Click OK.
When networks are attached to a host, the default route of the host will be set on the network of your choice. It is recommended to configure the default route role before any host is added to your cluster. If your cluster already contains hosts, they may become out-of-sync until you sync your change to them.
Important Limitations with IPv6
- For IPv6, Red Hat Virtualization supports only static addressing.
- If both networks share a single gateway (are on the same subnet), you can move the default route role from the management network (ovirtmgmt) to another logical network.
- If the host and Manager are not on the same subnet, the Manager loses connectivity with the host because the IPv6 gateway has been removed.
- Moving the default route role to a non-management network removes the IPv6 gateway from the network interface and generates an alert: "On cluster clustername the 'Default Route Role' network is no longer network ovirtmgmt. The IPv6 gateway is being removed from this network."
9.1.6. Viewing or Editing the Gateway for a Logical Network
Users can define the gateway, along with the IP address and subnet mask, for a logical network. This is necessary when multiple networks exist on a host and traffic should be routed through the specified network, rather than the default gateway.
If multiple networks exist on a host and the gateways are not defined, return traffic will be routed through the default gateway, which may not reach the intended destination. This would result in users being unable to ping the host.
Red Hat Virtualization handles multiple gateways automatically whenever an interface goes up or down.
Viewing or Editing the Gateway for a Logical Network
-
Click
. - Click the host’s name to open the details view.
- Click the Network Interfaces tab to list the network interfaces attached to the host, and their configurations.
- Click Setup Host Networks.
- Hover your cursor over an assigned logical network and click the pencil icon to open the Edit Management Network window.
The Edit Management Network window displays the network name, the boot protocol, and the IP, subnet mask, and gateway addresses. The address information can be manually edited by selecting a Static boot protocol.
9.1.7. Logical Network General Settings Explained
The table below describes the settings for the General tab of the New Logical Network and Edit Logical Network window.
Field Name | Description |
---|---|
Name | The name of the logical network. This text field must be a unique name with any combination of uppercase and lowercase letters, numbers, hyphens, and underscores. Note that while the name of the logical network can be longer than 15 characters and can contain non-ASCII characters, the on-host identifier (vdsm_name) will differ from the name you defined. See Mapping VDSM Names to Logical Network Names for instructions on displaying a mapping of these names. |
Description | The description of the logical network. This text field has a 40-character limit. |
Comment | A field for adding plain text, human-readable comments regarding the logical network. |
Create on external provider | Allows you to create the logical network to an OpenStack Networking instance that has been added to the Manager as an external provider. External Provider - Allows you to select the external provider on which the logical network will be created. |
Enable VLAN tagging | VLAN tagging is a security feature that gives all network traffic carried on the logical network a special characteristic. VLAN-tagged traffic cannot be read by interfaces that do not also have that characteristic. Use of VLANs on logical networks also allows a single network interface to be associated with multiple, differently VLAN-tagged logical networks. Enter a numeric value in the text entry field if VLAN tagging is enabled. |
VM Network | Select this option if only virtual machines use this network. If the network is used for traffic that does not involve virtual machines, such as storage communications, do not select this check box. |
MTU | Choose either Default, which sets the maximum transmission unit (MTU) to the value given in the parenthesis (), or Custom to set a custom MTU for the logical network. You can use this to match the MTU supported by your new logical network to the MTU supported by the hardware it interfaces with. Enter a numeric value in the text entry field if Custom is selected. |
Network Label | Allows you to specify a new label for the network or select from existing labels already attached to host network interfaces. If you select an existing label, the logical network will be automatically assigned to all host network interfaces with that label. |
Security Groups |
Allows you to assign security groups to the ports on this logical network. |
9.1.8. Logical Network Cluster Settings Explained
The table below describes the settings for the Cluster tab of the New Logical Network window.
Field Name | Description |
---|---|
Attach/Detach Network to/from Cluster(s) | Allows you to attach or detach the logical network from clusters in the data center and specify whether the logical network will be a required network for individual clusters. Name - the name of the cluster to which the settings will apply. This value cannot be edited. Attach All - Allows you to attach or detach the logical network to or from all clusters in the data center. Alternatively, select or clear the Attach check box next to the name of each cluster to attach or detach the logical network to or from a given cluster. Required All - Allows you to specify whether the logical network is a required network on all clusters. Alternatively, select or clear the Required check box next to the name of each cluster to specify whether the logical network is a required network for a given cluster. |
9.1.9. Logical Network vNIC Profiles Settings Explained
The table below describes the settings for the vNIC Profiles tab of the New Logical Network window.
Field Name | Description |
---|---|
vNIC Profiles | Allows you to specify one or more vNIC profiles for the logical network. You can add or remove a vNIC profile to or from the logical network by clicking the plus or minus button next to the vNIC profile. The first field is for entering a name for the vNIC profile. Public - Allows you to specify whether the profile is available to all users. QoS - Allows you to specify a network quality of service (QoS) profile to the vNIC profile. |
9.1.10. Designate a Specific Traffic Type for a Logical Network with the Manage Networks Window
Specify the traffic type for the logical network to optimize the network traffic flow.
Specifying Traffic Types for Logical Networks
-
Click
. - Click the cluster’s name to open the details view.
- Click the Logical Networks tab.
- Click Manage Networks.
- Select the appropriate check boxes and radio buttons.
- Click OK.
Logical networks offered by external providers must be used as virtual machine networks; they cannot be assigned special cluster roles such as display or migration.
9.1.11. Explanation of Settings in the Manage Networks Window
The table below describes the settings for the Manage Networks window.
Field | Description/Action |
---|---|
Assign | Assigns the logical network to all hosts in the cluster. |
Required | A Network marked "required" must remain operational in order for the hosts associated with it to function properly. If a required network ceases to function, any hosts associated with it become non-operational. |
VM Network | A logical network marked "VM Network" carries network traffic relevant to the virtual machine network. |
Display Network | A logical network marked "Display Network" carries network traffic relevant to SPICE and to the virtual network controller. |
Migration Network | A logical network marked "Migration Network" carries virtual machine and storage migration traffic. If an outage occurs on this network, the management network (ovirtmgmt by default) will be used instead. |
9.1.12. Editing the Virtual Function Configuration on a NIC
This is one in a series of topics that show how to set up and configure SR-IOV on Red Hat Virtualization. For more information, see Setting Up and Configuring SR-IOV
Single Root I/O Virtualization (SR-IOV) enables a single PCIe endpoint to be used as multiple separate devices. This is achieved through the introduction of two PCIe functions: physical functions (PFs) and virtual functions (VFs). A PCIe card can have between one and eight PFs, but each PF can support many more VFs (dependent on the device).
You can edit the configuration of SR-IOV-capable Network Interface Controllers (NICs) through the Red Hat Virtualization Manager, including the number of VFs on each NIC and to specify the virtual networks allowed to access the VFs.
Once VFs have been created, each can be treated as a standalone NIC. This includes having one or more logical networks assigned to them, creating bonded interfaces with them, and to directly assign vNICs to them for direct device passthrough.
A vNIC must have the passthrough property enabled in order to be directly attached to a VF. See Section 9.2.4, “Enabling Passthrough on a vNIC Profile”.
Editing the Virtual Function Configuration on a NIC
-
Click
. - Click the name of an SR-IOV-capable host to open the details view.
- Click the Network Interfaces tab.
- Click Setup Host Networks.
- Select an SR-IOV-capable NIC, marked with a , and click the pencil icon.
To edit the number of virtual functions, click the Number of VFs setting drop-down button and edit the Number of VFs text field.
ImportantChanging the number of VFs will delete all previous VFs on the network interface before creating new VFs. This includes any VFs that have virtual machines directly attached.
- The All Networks check box is selected by default, allowing all networks to access the virtual functions. To specify the virtual networks allowed to access the virtual functions, select the Specific networks radio button to list all networks. You can then either select the check box for desired networks, or you can use the Labels text field to automatically select networks based on one or more network labels.
- Click OK.
- In the Setup Host Networks window, click OK.