Virtual Router 4.0
This guide describes how to use the Virtual Router in OpenNebula.
When instantiated in a network, this appliance provides the following services for other Virtual Machines running in the same network:
A big advantage of using this appliance is that Virtual Machines can be run in the same network without being contextualized for OpenNebula.
This appliance is controlled via CONTEXT
. More information in the following
sections.
This is a 64-bit appliance and will run both in KVM
, Xen
and VMware
environments. It will run with any
network driver.
Since each virtual router will start a DHCP server and it's not recommended to have more than one DHCP server per network, it's recommend to use it along network isolation drivers if you're going to deploy two or more router instances in your environment:
The appliance is based on alpinelinux. There's only
one user account: root
. There is no default password for the root account, however, it can be specified in the CONTEXT
section along with root's public key.
openssl passwd -1
and encoded in base64.The virtual router can be used in two ways:
Only one interface. Useful if you only want DHCP or RADVD. Of course, enabling RADVD only makes sense if the private network is IPv6.
To enable this you need to add the following context to the VM:
<xterm> TARGET = “hdb” PRIVNET = “$NETWORK[TEMPLATE, NETWORK=\”private_network_name\“]”, TEMPLATE = “$TEMPLATE” DHCP = “YES|NO” RADVD = “YES|NO” </xterm>
If you're going to a use a netmask different to '255.255.255.0' you will have to add the following to the private network's template:
<xterm> NETWORK_MASK = 255.255.255.254 </xterm>
In this case, the Virtual Machine will need two network interfaces: a private
and a public one. The public one will be masqueraded. In this mode you can also
configure a DNS server by setting the DNS
and optionally the SEARCH
attribute (useful for domain searches in /etc/resolv.conf
). This mode also
includes all the attributes related to the previous section, i.e. DHCP and RADVD
servers.
This is an example context for the router mode:
<xterm> TARGET = “hdb” PRIVNET = “$NETWORK[TEMPLATE, NETWORK=\”private_network\“]”, PUBNET = “$NETWORK[TEMPLATE, NETWORK=\”public_network\“]”, TEMPLATE = “$TEMPLATE” DHCP = “YES|NO” RADVD = “YES|NO” # Only useful for an IPv6 private network NTP_SERVER = “10.0.10.1” DNS = “8.8.4.4 8.8.8.8” SEARCH = “local.domain” FORWARDING = “8080:10.0.10.10:80 10.0.10.10:22” </xterm>
DNS
This attribute expects a list of dns servers separated by spaces.
NTP_SERVER
This attribute expects the IP of the NTP server of the cluster. The DHCP server will be configured to serve the NTP parameter to its leases.
FORWARDING
This attribute expects a list of forwarding rules separated by spaces. Each rule has either 2 or 3 components separated by :
. If only two components are specified, the first is the IP to forward the port to, and the second is the port number. If there are three components, the first is the port in the router, the second the IP to forward to, and the third the port in the forwarded Virtual Machine. Examples:
8080:10.0.10.10:80
This will forward the port 8080 in the router to the port 80 to the VM with IP 10.0.10.10.10.0.10.10:22
This will forward the port 22 in the router to the port 22 to the VM with IP 10.0.10.10.
If the public network uses a netmask different to 255.255.255.0
or if the
gateway is not the ip's network with one as the last byte: x.y.z.1
it can be
explicitely set adding the following attributes to the public network's
template:
<xterm> GATEWAY = “192.168.1.100” NETWORK_MASK = “255.255.254.0” </xterm>