In RHV, is there any communication between Ethernet ports in different bridges within the same hypervisor?

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux 6.x
  • Red Hat Enterprise Linux 7.x
  • Red Hat Virtualization

Issue

  • Is there any communication between Ethernet ports in different bridges within the same physical box in a hypervisor environment?

Resolution

Short answer: no. The bridges are isolated from each other by default in RHEV Hypervisors.

Long answer: since the ethernet ports are in different bridges, there is no communication by default, unless:
1) IP routing was manually enabled and rules that could mix traffic exist - default is disabled (0 = disabled, 1 = enabled)

# cat /proc/sys/net/ipv4/ip_forward
0

2) NAT has some rules that might affect the traffic - default is empty/no rules, as shown below

# iptables -nvL -t nat
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 

3) Some common device connecting the bridges was manually configured - not by default, very unlikely.
Some more exotic configurations, such as a macvlan pair based on a common dummy interface, might do that.
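
The three exceptions above can be checked together. The script below is an added example, not part of the original solution and not Red Hat code; the script name bridge-audit.sh, the function names and the "name@lower:" / "macvlan" layout assumed for `ip -o -d link show` output are assumptions of this example.

```sh
#!/bin/sh
# Added example (not Red Hat's code): checks the three exceptions listed above.
# Each check reads a file or stdin so it can also be run on saved command output.

# 1) True when IPv4 forwarding is enabled (file content is 1).
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# 2) Count rules in `iptables -nvL -t nat` output on stdin: every line that
#    is not blank, a "Chain ..." header or the "pkts bytes ..." column header.
nat_rule_count() {
    awk 'NF && $1 != "Chain" && $1 != "pkts" { n++ } END { print n + 0 }'
}

# 3) Read `ip -o -d link show` output on stdin and print each lower device
#    that carries macvlan interfaces enslaved to different bridges.
#    Assumption: iproute2 prints the link as "name@lower:" and the word
#    "macvlan" in the -d details. VLAN sub-interfaces are ignored on purpose.
shared_macvlan_lowers() {
    awk '/ macvlan / {
        split($2, dev, "[@:]")                 # "mv0@dummy0:" -> mv0, dummy0
        lower = dev[2]; master = ""
        for (i = 3; i < NF; i++) if ($i == "master") master = $(i + 1)
        if (master == "" || lower == "") next
        if (lower in seen && seen[lower] != master) shared[lower] = 1
        if (!(lower in seen)) seen[lower] = master
    }
    END { for (l in shared) print l }' | sort
}

# Run all three checks against the live hypervisor (needs root for iptables).
audit_host() {
    forwarding_enabled && echo "WARN: ip_forward is 1 (routing enabled)"
    n=$(iptables -nvL -t nat | nat_rule_count)
    [ "$n" -gt 0 ] && echo "WARN: $n NAT rule(s) present"
    for l in $(ip -o -d link show | shared_macvlan_lowers); do
        echo "WARN: macvlan interfaces on $l sit in different bridges"
    done
    return 0
}

# Only touch the host when asked to: sh bridge-audit.sh --live
if [ "${1:-}" = "--live" ]; then audit_host; fi
```

No output from `sh bridge-audit.sh --live` means none of the three exceptions was found; a NAT warning still needs a manual look at the rules to decide whether they actually mix traffic between the bridges.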

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
